The different types of directory services supported by Sun Java System Web Server 6.1 are:
LDAP: Stores user and group information in an LDAP-based directory server.
If the LDAP service is the default service, the dbswitch.conf file is updated as shown in the example below:
directory default ldap://test22.india.sun.com:589/dc%3Dindia%2Cdc%3Dsun%2Cdc%3Dcom default:binddn cn=Directory Manager default:encoded bindpw YWRtaW5hZG1pbg==
If the LDAP service is a non-default service, the dbswitch.conf file is updated as shown in the example below:
directory ldap ldap://test22.india.sun.com:589/dc%3Dindia%2Cdc%3Dsun%2Cdc%3Dcom ldap:binddn cn=Directory Manager ldap:encoded bindpw YWRtaW5hZG1pbg==
Key File: A key file is a text file that contains the user’s password in a hashed format, and the list of groups to which the user belongs. The users and groups stored in a key file are used for authorization and authentication by the file realm alone; these bear no relationship to system users and groups. For more information about the file realm, see File realm.
The key file format can only be used when the intent is to use HTTP Basic authentication. For more information about this authentication method, see Specifying Users and Groups.
When you create a key file-based database, the dbswitch.conf file is updated as shown in the example below:
directory keyfile file keyfile:syntax keyfile keyfile:keyfile D:\test22\keyfile\keyfiledb
Digest File: Stores user and group information based on encrypted username and password.
The digest file format is meant to support using HTTP Digest authentication. It does, however, also support Basic authentication, so it can be used for both authentication methods. For more information about these methods, see Specifying Users and Groups.
When you create a digest-based database, the dbswitch.conf file is updated as shown in the example below:
directory digest file digest:syntax digest digest:digestfile D:\test22\digest\digestdb
If you want to set up distributed administration, the default directory service must be an LDAP-based directory service.