Originally posted by Julien Martin:
Do you think I have to perform a second authentication against our ldap directory?
No. But generally, a single (or maybe very few) database account(s) can be used for all user activities. Once the user is authenticated in the web tier, it shouldn't be necessary to carry on the credentials further into the database tier. That makes it actually less secure, because a compromised web login means a compromised database login, which is often a more serious problem.
Note that I said "generally", because there may be circumstances where you need to have a database account for each user. Is that the case here? It would be kind of a pain to keep those in synch, though.
As far as Hibernate is concerned, you will need a separate SessionFactory for each database account.