良好的一天，女士们，先生们 我现在面临一个巨大的问题，强大的互联网不知何故拒绝帮助我。

Good day Ladies and Gentlemen I am facing an huge issue and the mighty internet somehow refuses to help me.

我需要知道： 是否有可能通过两个完全地不同Acitve目录来验证我的Tomcat的用户？ 所以，我的Tomcat查找在同一时间的凭据在这两个广告？ 而如果可能的话，怎么样？可我只是将它们配置为两个领域？

What I need to know: Is it possible to authenticate my Tomcat-Users via two completly different Acitve Directories? So that my Tomcat looks for the credentials in both ADs at the same time? And if its possible, how? Can I just configure them as two realms?

我的尝试： 用Google搜索了很多，没有得到statisfying答案。可悲的是我没有一个测试环境

What I tried: Googled a lot, didn't get a statisfying answer. Sadly I do not have a testing environment

很多很多预先感谢

推荐答案

如果你在森林或主机有一个跨领域信任，使用Kerberos： http://tomcatspnegoad.sourceforge.net/

If you are in a forest or the hosts have a cross-realm trust, use Kerberos: http://tomcatspnegoad.sourceforge.net/