I am using a glassfish 4.1 application server for a web application. The web application authentication/authorization is done by a glassfish ldap realm. So I do not have to implement and configure the ldap connection within my application but within the glassfish container. That's good!
Now I need to implement a login method with username/password in my application (WebService). The parameters are passed within a SOAP request. I want to access another configured ldap realm from the glassfish and pass the username/password to it. As a result I want to know whether the user is authorized.
Is it somehow possible to access a security realm of the application server from within the application and perform a login request?
AFAIK it is not possible to access the realm directly, but in Glassfish there is the (non-portable) programmatic authentication via com.sun.appserv.security.ProgrammaticLogin (https://docs.oracle.com/cd/E18930_01/html/821-2418/beacm.html). For Glassfish 4 see also glassfish 4 programmatic login.