I am running an application (JIRA) that uses Active Directory as its user directory. In order to connect to the DC, JIRA needs to either bind with a preconfigured username and password, or to bind anonymously. Unfortunately, none of these are ideal because the only credentials I have for the domain is my own, which I do not want to use (security concerns, and also the password changes every three months, requiring me to update it in the application), and the DC does not allow anonymous binds (I have very little control over the AD environment, we're setting a small team tracker in a big company).
I searched for how to make JIRA bind with the credentials used to log in with, but it doesn't seem to support it. I saw some references of LDAP proxies - JIRA will connect to the proxy anonymously, and try to authenticate the user against the proxy. In turn, the proxy binds to the real LDAP server with the given username and password, and passes the results back to JIRA. This sounds like a good solution.
Is this doable/recommended?
I'm using the latest JIRA on RHEL6.
