Some of the code for our modification seems like it doesn't need to be run every time someone attempts to authenticate. In particular, the code that does the JNDI lookup of the username, password, and searchBase that are used to search LDAP - we realy only need to execute this code once. Would it make sense to do that in activate()? I'm not familiar with when that method is called or what it's for, but it looks like it might be the right place to do that.

Please advise. Thanks.