Using Active Directory to handle application security

[Tom Ewall]

Is anyone using Microsoft's LDAP (that comes with Active Directory) to
handle application security/permissions in connection with java? We
are considering this as an option, and I would like to know of the
feasability of doing this and if anyone is already doing this, if they
are happy with this solution.

 

[JScoobyCed]

Is anyone using Microsoft's LDAP (that comes with Active Directory) to
handle application security/permissions in connection with java? We
are considering this as an option, and I would like to know of the
feasability of doing this and if anyone is already doing this, if they
are happy with this solution.

We are using Active Directory for the authentication of users in a J2EE
web application. The trick is to connect to the LDAP server using the DN
and password of the user. If the connection fails, either the DN or the
password is wrong. We store the real DN of a user in a mapping table,
that maps a login name (for example: username="jimbo", user_dn="CN=jimbo
jim, OU=Users, DC=com, DC=web, DC=www")
The user will enter its password and username. As the DN is stored from
a LDAP query, it is a valid one. So if the connection fails it is
because the password is wrong (or a network connection to the LDAP is
not possible, but it's a different issue).
Look at the http://java.sun.com/products/jndi/tutorial/ldap/ for more
details.