You can use various types of repositories, such as LDAP directories, relational databases, and flat files, with either JEE or custom security. You can use EGL single sign-on to access different repositories to authenticate to the application, proxy, and Web services. For single sign-on to succeed, the user ID and password that the end user enters in the login screen must exist in each of the various repositories.
The most popular type of repository is a Lightweight Directory Access Protocol (LDAP) directory, which is a specialized database that is optimized for read access and that organizes its data in a tree structure. Before you access an LDAP directory for JEE authentication, configure the application server to connect to the LDAP directory server. For Apache Tomcat, specify this information in the \conf\server.xml file.
    // External types needed to access an LDAP directory server.
    externalType ControlArray type JavaObject
        { JavaName = "Control[]", PackageName = "javax.naming.ldap" }
    end

    externalType InitialDirContext type JavaObject
        { JavaName = "InitialDirContext", PackageName = "javax.naming.directory" }
        function modifyAttributes( name String in, mods ModificationItemArray in );
    end

    externalType InitialLdapContext extends InitialDirContext type JavaObject
        { JavaName = "InitialLdapContext", PackageName = "javax.naming.ldap" }
        constructor( environment Hashtable in, connCtls ControlArray in );
    end

    externalType ModificationItemArray extends Object type JavaObject
        { JavaName = "ModificationItem[]", PackageName = "javax.naming.directory" }
    end

    // Instantiate a hashtable for binding criteria.
    // Hashtable is already defined within EGL.
    hashtable Hashtable = new Hashtable();

    // Properties can be found at
    // http://java.sun.com/j2se/1.4.2/docs/guide/jndi/jndi-ldap.html.
    // Set JNDI environment properties.
    // userid and password are passed in as strings.
    hashtable.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
    hashtable.put( "java.naming.provider.url", "ldap://localhost:389/o=sample" );
    hashtable.put( "java.naming.security.principal", "uid=" + userid + ",ou=people,o=sample");
    hashtable.put( "java.naming.security.credentials", password );
    hashtable.put( "java.naming.security.authentication", "simple" );
    hashtable.put( "java.naming.referral", "follow" );
    hashtable.put( "java.naming.security.protocol", null );

    // Set LDAP-specific properties.
    hashtable.put( "java.naming.ldap.version", "3" );

    // Connect to the LDAP directory server.
    ctx InitialLdapContext = new InitialLdapContext( hashtable, null );
    if ( ctx != null )
        // Retrieve data
        ...
    end
For more sample EGL code, including code that retrieves and modifies data in an LDAP directory, see "EGL LDAP Access" or "J2EE Security with EGL LDAP Access" in the help system.
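The bind code above concatenates userid into the principal DN and hands password to a simple bind over ldap://, which sends it unencrypted. The following Java version of the same JNDI calls is an added example, not part of the original documentation: it escapes the uid value, rejects an empty password (which a directory server may accept as an unauthenticated bind), and connects over LDAPS. The ldaps://localhost:636 URL and the class and method names are assumptions.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.Rdn;

public class LdapBindCheck {
    // Assumption: the directory from the sample also listens on LDAPS (port 636).
    static final String URL = "ldaps://localhost:636/o=sample";

    // Escape the uid value per RFC 4514 so ',', '+', '=' etc. stay inside the uid RDN.
    static String bindDn(String userid) {
        if (userid == null || userid.isEmpty()) {
            throw new IllegalArgumentException("userid is required");
        }
        return "uid=" + Rdn.escapeValue(userid) + ",ou=people,o=sample";
    }

    static Hashtable<String, Object> bindEnvironment(String userid, String password) {
        // A simple bind with an empty password is an unauthenticated bind (RFC 4513)
        // and may succeed without checking any credential, so reject it up front.
        if (password == null || password.isEmpty()) {
            throw new IllegalArgumentException("password is required");
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn(userid));
        env.put(Context.SECURITY_CREDENTIALS, password);
        return env;
    }

    // Returns true only when the server accepts the bind for this user.
    static boolean authenticate(String userid, String password) throws NamingException {
        try {
            InitialLdapContext ctx = new InitialLdapContext(bindEnvironment(userid, password), null);
            ctx.close();
            return true;
        } catch (AuthenticationException e) {
            return false; // the server rejected the credentials
        }
    }

    public static void main(String[] args) {
        // Constructed input: the comma and '=' are escaped, so the DN keeps three RDNs.
        System.out.println(bindDn("jdoe,ou=admins"));
    }
}
```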