It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×42,788

question asked: Jun 21 '11, 4:17 p.m.
question was seen: 6,493 times
last updated: Mar 29 '13, 10:53 a.m.

Related questions

FAQ - How this Forum works

Hybrid LDAP and Tomcat

0
laura shragowitz (3642) | asked Jun 21 '11, 4:17 p.m.
As described in this article (https://jazz.net/library/article/604/) we would like to be able to use a "hybrid" approach of using LDAP in combination with a file based (local store) to configure User authentication and authorization.

We would like to be able to do this with Tomcat and see that it is possible to configure a LDAPLocalGroup (https://jazz.net/library/article/457) which we believe would support the required local store requirements (?)

However, it appears(??) that to use Tomcat for this "hybrid" approach we will need to use the CombinedRealm provided in Tomcat6. The RTC 3.0.1 release is using Tomcat 5.5 (although Tomcat 6 was released 4 years ago and Tomcat7 has recently been released).

Are there any plans to upgrade Jazz to Tomcat 7 or Tomcat 6?
Is it possible to federate access to the LDAP store with the JAZZ 3.0.1 release?
Comments
Ralph Schoon commented Jun 22 '11, 3:50 a.m. | edited Mar 29 '13, 10:52 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
As described in this article (https://jazz.net/library/article/604/) we would like to be able to use a "hybrid" approach of using LDAP in combination with a file based (local store) to configure User authentication and authorization.

We would like to be able to do this with <b:d00152f85b>Tomcat </b:d00152f85b>and see that it is possible to configure a LDAPLocalGroup (https://jazz.net/library/article/457) which we believe would support the required local store requirements (?)

However, it appears(??) that to use Tomcat for this &quot;hybrid&quot; approach we will need to use the CombinedRealm provided in Tomcat6. The RTC 3.0.1 release is using Tomcat 5.5 (although Tomcat 6 was released 4 years ago and Tomcat7 has recently been released).

Are there any plans to upgrade Jazz to Tomcat 7 or Tomcat 6?
Is it possible to federate access to the LDAP store with the JAZZ 3.0.1 release?



Hi Laura,

I would suggest to create a work item to express your desire and make development aware of it. Please post the work item here so that I can subscribe and add to the case, one of my customers would like to see this as well and I was not aware that newer versions of Tomcat could do that. I didn't find a hint when I was searching for it.

2 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Ralph Schoon (63.1k33646) | answered Jun 22 '11, 3:55 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Hi Laura,

looking at the system requirements https://jazz.net/library/article/632 it says:

Apache Tomcat 5.5.30 +

The +, I think, indicates higher versions of tomcat would also work but 5.5.30 is bundled. You might even be able to try Tomcat 6 or 7. You would probably have to deploy the additional files and most likely also adjust the server start up files etc. I am not sure how hard it would be. So I would suggest to create the work item anyway.
Comments
laura shragowitz commented Jun 22 '11, 10:34 a.m. | edited Mar 29 '13, 10:52 a.m.

I will submit a work item and also <i:afafbb666c>try</i:afafbb666c> to test with Tomcat 6.


My impression though from reading the IBM response to this other forum posting ( https://jazz.net/forums/viewtopic.php?t=15972&amp;highlight=tomcat ) is that Tomcat 6 is NOT supported. IBM is considering it for a future release.

And until it is possible to test with Tomcat6, it is not possible to say definitively if the CombinedRealm will actually solve the primary issue which is to be able to federate the Realms.

Ralph Schoon commented Jun 22 '11, 10:39 a.m. | edited Mar 29 '13, 10:53 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
I will submit a work item and also <i:b5623e287f>try</i:b5623e287f> to test with Tomcat 6.

My impression though from reading the IBM response to this other forum posting ( https://jazz.net/forums/viewtopic.php?t=15972&amp;highlight=tomcat ) is that Tomcat 6 is NOT supported. IBM is considering it for a future release.

And until it is possible to test with Tomcat6, it is not possible to say definitively if the CombinedRealm will actually solve the primary issue which is to be able to federate the Realms.



Thanks for the pointer Laura, I had missed that post. A work item where people could subscribe and add would be good.

Having said that, as per the download page:

4 Each valid client license includes a license to run one instance of DB2 Workgroup or Enterprise Edition (excludes z/OS) and one instance of WebSphere Application Server in support of Rational Team Concert. Trials of DB2 and WebSphere are also available. Express editions of WebSphere Application Server V6.1 and V7.0 are also available for IBM i at no additional charge by ordering the Web Enablement for IBM i. See system requirements for details.
So you might be able to use WAS as well.

laura shragowitz commented Jun 22 '11, 12:55 p.m. | edited Mar 29 '13, 10:53 a.m.

Using WAS is a major change to our production systems and process and is really only a last resort.

Here is the Work Item I have created
https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&amp;id=169598
0
permanent link
Stephane Leroy (1.4k149) | answered Mar 29 '13, 9:07 a.m.
JAZZ DEVELOPER
There is a related forum post here where the following information was provided: 

- since v6, Tomcat supports CombinedRealm and
- in CLM 4.0.x, Tomcat v7 is supported.

This Tomcat documentation could help you.
Haven't experienced it myself. You could experience this approach on a 4.0 test environment first to check it answers to your needs and - depending of the outcome - envision for an upgrade of your 3.0.1.X environment.

Regards,
Stéphane

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.