Thank you - that's very helpful, and almost too easy! I'll give it a try. Regards, Kerrie
-----Original Message----- From: Ben Noordhuis [mailto:[email protected]] Sent: Monday, December 13, 2010 4:20 PM To: [email protected] Subject: Re: [cas-dev] Multiple LDAP Authentication On Tue, Dec 14, 2010 at 00:03, Clark, Kerrie (CIV) <[email protected]> wrote: > We are running CAS as our SSO solution, currently authenticating against a > single LDAP/Active Directory using the sAMAccountName attribute. This is > for our internal users. Now we are in the process of adding another AD for > external users, but we want to authenticate those users against the "mail" > attribute. > > I see where CAS can be configured to search multiple LDAP servers, but I > don't see how to configure them to authenticate against different > attributes. Is this possible? Any tips/hints/advice are welcome. You can (I did, last year). Define two FastBindLdapAuthenticationHandler or BindLdapAuthenticationHandler beans, each with its own filter and LDAP context source, and inject them into the authenticationManager bean in your deployerConfigContext.xml. I don't think you need anything else unless you want to pull user attributes from your LDAP. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
