You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@geronimo.apache.org by jbeaulau <jb...@cisco.com> on 2008/07/31 19:48:47 UTC

LDAP security realm across multiple instances

Geronimo: 2.1.1
JRE: 1.5.0_08-b03 - Sun Microsystems Inc.

Hello,

We have a security realm issue that we’re requesting some insight for.
Searched the forums but couldn't find same issue.

We are running multiple instances from one repository, and have configured a
server-wide LDAP security realm in one instance that successfully
authenticates for an application deployed from that instance. When 
an application is configured to use that same security realm in another
instance running from the same repository, the credentials windows appears
as normal, but when valid credentials are entered in the authentication box
and committed, the box disappears as normal, but authentication fails. 

The only entry in the geronimo.out log file is “mortbay.log AUTH FAILURE:
user foo”

The realm is not visible from any instance other than the originating
instance, and that is understandable, but is this a limitation with security
realms and multiple instances? 

Does “server-wide” mean per instance only?

Thank you
-John

-- 
View this message in context: http://www.nabble.com/LDAP-security-realm-across-multiple-instances-tp18759985s134p18759985.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.

Re: LDAP security realm across multiple instances

Posted by jbeaulau <jb...@cisco.com>.

Thank you for the information David.

-John


-- 
View this message in context: http://www.nabble.com/LDAP-security-realm-across-multiple-instances-tp18759985s134p18834336.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.

Re: LDAP security realm across multiple instances

Posted by David Jencks <da...@yahoo.com>.

On Jul 31, 2008, at 10:48 AM, jbeaulau wrote:

>
> Geronimo: 2.1.1
> JRE: 1.5.0_08-b03 - Sun Microsystems Inc.
>
> Hello,
>
> We have a security realm issue that we’re requesting some insight for.
> Searched the forums but couldn't find same issue.
>
> We are running multiple instances from one repository, and have  
> configured a
> server-wide LDAP security realm in one instance that successfully
> authenticates for an application deployed from that instance. When
> an application is configured to use that same security realm in  
> another
> instance running from the same repository, the credentials windows  
> appears
> as normal, but when valid credentials are entered in the  
> authentication box
> and committed, the box disappears as normal, but authentication fails.
>
> The only entry in the geronimo.out log file is “mortbay.log AUTH  
> FAILURE:
> user foo”
>
> The realm is not visible from any instance other than the originating
> instance, and that is understandable, but is this a limitation with  
> security
> realms and multiple instances?
>
> Does “server-wide” mean per instance only?

yes.  The terms "server-wide" vs "application" are extremely  
misleading and I've been trying to get people to stop using them for  
years.  It has something to do with the lifetime of a components  
deployment rather than much to do with its visibility.  In any case  
the instances all running on one repository are different "servers".

thanks
david jencks
>
>
> Thank you
> -John
>
> -- 
> View this message in context: http://www.nabble.com/LDAP-security-realm-across-multiple-instances-tp18759985s134p18759985.html
> Sent from the Apache Geronimo - Users mailing list archive at  
> Nabble.com.
>