Reputation: 707
I look up LDAP servers using this method. The list contains about 30 LDAP servers. In my Tomcat application I need to authorize users. I couldn't find any documentation for how to do this with Shiro. I know how to point to one LDAP. But how can I point to multiple LDAP servers? Any of these LDAP servers could be down at any time. Most of them are usually up, though. Also, how do I refresh the LDAP list periodically? I don't have any control over LDAP. So I need to point Shiro to what the method below returns:
    public List<String> getLdapServers(final String dnsServQuery)
    {
        final List<String> serverList = new ArrayList<>();
        try {
            final DirContext dnsContext = new InitialDirContext(env);
            final String dnsQueryType[] = { "SRV" };
            // . . . blah blah
        return serverList;
    }
Upvotes: 0
Views: 185
Reputation: 2080
There are a few ways to do this.
1.) You could just generate a shiro.ini before Shiro is loaded (simple, but not exactly a robust solution).
2.) You could create a new realm (extending the LDAP realm) and handle your initialization that way.
3.) Implement an LdapContextFactory and manage the connection this way.
I'd recommend #3.
Upvotes: 1
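A sketch of option 3, added here as an example and not code from either poster or from the Shiro project. The class name is hypothetical, and the example assumes that the lookup returns full LDAP URLs, that only `ldaps://` servers are acceptable, and that Shiro's `JndiLdapContextFactory` exposes its protected `createLdapContext(Hashtable)` hook; it relies on the JNDI LDAP provider trying a space-separated URL list in order.

```java
import java.util.Hashtable;
import java.util.List;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.LdapContext;
import org.apache.shiro.realm.ldap.JndiLdapContextFactory;

/** Added example (hypothetical class): LDAP context factory with a periodically refreshed failover list. */
public class RefreshingLdapContextFactory extends JndiLdapContextFactory {
    private final Supplier<List<String>> lookup;   // e.g. () -> getLdapServers(query); assumed to return URLs
    private volatile String urls;                  // space-separated; JNDI tries them left to right
    private final ScheduledExecutorService timer = Executors.newSingleThreadScheduledExecutor(r -> {
        Thread t = new Thread(r, "ldap-server-refresh");
        t.setDaemon(true);                         // never blocks Tomcat shutdown
        return t;
    });

    public RefreshingLdapContextFactory(Supplier<List<String>> lookup, long refreshMinutes) {
        this.lookup = lookup;
        refresh();
        timer.scheduleWithFixedDelay(this::refresh, refreshMinutes, refreshMinutes, TimeUnit.MINUTES);
    }
    private void refresh() {
        try {
            // DNS answers are untrusted input: keep only TLS URLs that contain no whitespace,
            // so one entry cannot smuggle extra URLs into the space-separated list.
            String fresh = lookup.get().stream()
                    .filter(u -> u.startsWith("ldaps://") && !u.matches(".*\\s.*"))
                    .distinct().collect(Collectors.joining(" "));
            if (!fresh.isEmpty()) urls = fresh;    // empty result: keep the last known-good list
        } catch (RuntimeException e) {
            // lookup failed: keep the last known-good list (log this in real code)
        }
    }
    @Override public String getUrl() { return urls; }

    @Override @SuppressWarnings({"rawtypes", "unchecked"})
    protected LdapContext createLdapContext(Hashtable env) throws NamingException {
        String current = urls;
        if (current == null) throw new NamingException("no LDAP servers known");  // fail closed
        env.put(Context.PROVIDER_URL, current);
        env.put("com.sun.jndi.ldap.connect.timeout", "3000");  // ms; move past dead servers quickly
        return super.createLdapContext(env);
    }
}
```

An instance can be handed to the LDAP realm with `setContextFactory(...)`; because the constructor takes arguments, it has to be built in code rather than declared directly in `shiro.ini`.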