Aaron,
Do you actually need to override the default
credentialsToPrincipalResolver? I ask because you have overridden the
default one with CredentialsToLDAPAttributePrincipalResolver, but you
only have one that's pointed at AD and none pointed at OpenDS.
My understanding of the purpose of
CredentialsToLDAPAttributePrincipalResolver is that it allows you to
return a different LDAP attribute as the Principal name than the
attribute LDAP was searched for. However, your configuration seems to
search by sAMAccountName and return the sAMAccountName. The default
resolver does this without querying LDAP. :-)
I think that if you simply restored the default resolver the OpenDS
authentication should start working.
Adam
On 3/7/2011 18:42, Aaron wrote:
I am trying to get CAS to work with Active Directory and fall through to users
in an OpenDS LDAP. The authentication works fine in AD but if I log in with a
user that only exists in OpenDS it does not work. I can see the user is looked
up in the LDAP logs but never authenticates.
Can someone look over my deployerconfigcontext file and let me know what I have
done wrong?
Thanks in advance.
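For reference, what "restoring the default resolver" looks like in a stock CAS 3.x deployerConfigContext.xml. This is an added example, not part of the thread and not Aaron's file (which is not shown here); the CAS 3.x bean layout is assumed, and the authentication handlers are left out because the thread does not show them.

```xml
<!-- deployerConfigContext.xml (CAS 3.x layout assumed): principal resolvers only -->
<bean id="authenticationManager"
      class="org.jasig.cas.authentication.AuthenticationManagerImpl">
  <property name="credentialsToPrincipalResolvers">
    <list>
      <!-- Default resolver: uses the submitted username as the principal name,
           without an LDAP lookup, so it does not depend on which directory
           (AD or OpenDS) authenticated the user. -->
      <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
      <!-- Stock resolver for service (proxy callback) credentials. -->
      <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
    </list>
  </property>
  <!-- The authenticationHandlers list (AD first, then OpenDS) stays as already configured. -->
</bean>
```

With a single CredentialsToLDAPAttributePrincipalResolver bound to the AD context source in place of the first bean, a user who exists only in OpenDS can pass an authentication handler and still have no principal resolved, which matches the behaviour described in the thread.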