Forum Discussion

Anonymous's avatar
Anonymous
12 years ago

Does CodeCollaborator support multiple LDAP domains?

We do not officially support configuring multiple LDAP domains.

However, the following sample scenario using combined realms has been tested so you may consider trying this. If you do run into authentication problems later on, we recommend testing with only one domain, rather than the configuration below.

 

The following example will search domainB first, and if no matches are found, try domainA. You'll still have to be sure that both domainB and domainA configurations work, so you should try them individually in a test environment before copy/pasting them over the <Realm /> tags below.



<Realm className="org.apache.catalina.realm.CombinedRealm">

    <Realm className="org.apache.catalina.realm.JNDIRealm"

      connectionName="domainB-serviceaccount"

      connectionPassword="your-password"

      connectionURL="domainB-url"

      referrals="follow"

      userBase="your-userBase"

      userSearch="your-userSearch"

      userSubtree="true"

      allRolesMode="strictAuthOnly"

    />

    <Realm className="org.apache.catalina.realm.JNDIRealm"

      connectionName="domainA-serviceAccount"

      connectionPassword="your-password"

      connectionURL="domainA-url"

      referrals="follow"

      userBase="your-userBase"

      userSearch="your-userSearch"

      userSubtree="true"

      allRolesMode="strictAuthOnly"

    />

</Realm>



No Replies