Hi, I'm trying to set up a new CAS implementation that delegates to multiple SAML IdPs, with each IdP representing a distinct slice of the user base (one IdP per customer).
Is there a way for me to restrict one IdP from attempting to authenticate a user from another IdP? I thought about building a custom PersonDirectoryPrincipalResolver, overriding the resolve() method to ensure the Credential "matched" the appropriate AuthenticationHandler. Is there another way to do this that doesn't require custom code? Thanks, -B -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/efd69655-ff2f-471c-b295-b2843fb9367c%40apereo.org.
