3 Replies Latest reply on Mar 14, 2005 5:52 AM by mike.westaway

    Is JBoss JAAS LDAP suitable for a large enterprise ?

    mike.westaway

      The JAAS LDAP authentication module uses the construct principalDNPrefix + username + principalDNSuffix to authenticate users.
      For example, uid=jduke,ou=People,dc=jboss,dc=org

      In a large organisation (eg 10,000+) it is unlikely the people will be managed as a single org unit.

      Is it possible to use a starting point and do subtree searching ? ie search across multiple org units ? Tomcat allows this.

      Thanks for any feedback,
      Mike

      References:
      http://docs.jboss.org/jbossas/jboss4guide/r1/html/ch8.chapter.html
      8.4.6.3. org.jboss.security.auth.spi.LdapLoginModule