Redwood Server supports three external security systems:

Lightweight Directory Access Protocol (LDAP)
Java Enterprise Edition (JEE) Security

A hybrid security setup using both JEE and LDAP is also possible under some circumstances.

You can change and configure the security service using the administration server.

More info is available in the install guide of the application server.

Lightweight Directory Access Protocol

LDAP security requires a separate supported LDAP server, see the Lightweight Directory Access Protocol (LDAP) topic for more information.

Java Enterprise Edition

In this case authentication will be handled by the application server. This setup supports any security provider that is supported by your JEE application server.

The disadvantage to this setup is that the JEE standard does not provide a way to list the roles that a user has been granted (you can only ask if a user has a specific role). This means that you will have to add and remove roles in Redwood Server as well as in your external security system. Redwood Server will check if a each role is granted to a user when they log in (this is much less efficient than being able to list roles).

If the JEE server is also using LDAP, use the JEE+LDAP security setup, as this allows the role list to be fetched directly from LDAP, and no additional maintenance is required.

See the Configuring JEE Security topic for more information.

JEE + LDAP

The JEE + LDAP security setup is a hybrid of JEE and LDAP security. It can be used only if the JEE security is also using the same LDAP directory. The JEE+LDAP model supports using JEE single sign on (provided by the application server), and will transfer user/role information directly from LDAP.

Product Documentation

External Security Systems

Lightweight Directory Access Protocol

Java Enterprise Edition

JEE + LDAP

See Also