A directory server such as Sun Java System Directory Server allows you to manage all your user information from a single application. You can also configure the directory server to allow your users to retrieve directory information from multiple, easily accessible network locations.
In Web Server 7.0, you can configure three different types of directory services to authenticate and authorize users and groups. If no other directory service is configured, the new directory service created will be set to the value default, irrespective of its type.
When you create an a directory service, the server.xml file is updated with the directory service details.
The different types of directory services supported by Web Server 7.0 are:
LDAP — Stores user and group information in an LDAP-based directory server.
Key File — A key file is a text file that contains the user’s password in a hashed format, and the list of groups to which the user belongs. The users and groups stored in a key file are used for authorization and authentication by the file realm alone; these bear no relationship to system users and groups.
The key file format can only be used when the intent is to use HTTP Basic authentication.
Digest File — Stores user and group information based on encrypted username and password.
The digest file format is meant to support using HTTP Digest authentication. It does, however, also support Basic authentication, so it can be used for both authentication methods.
If you want to set up distributed administration, the default directory service must be an LDAP-based directory service.