Adam, That was it... I restored the default CredentialsToPrincipalResolver and now everything is working. Simple fix guess I have been looking into it to far :-) Thanks for the quick help
--Aaron -----Original Message----- From: Adam Rybicki [mailto:[email protected]] Sent: Monday, March 07, 2011 8:22 PM To: [email protected] Subject: Re: [cas-user] CAS with AD and OpenDS Aaron, Do you actually need to override the default credentialsToPrincipalResolver? I ask because you have overridden the default one with CredentialsToLDAPAttributePrincipalResolver, but you only have one that's pointed at AD and none pointed at OpenDS. My understanding of the purpose of CredentialsToLDAPAttributePrincipalResolver is that it allows you to return a different LDAP attribute as the Principal name than the attribute LDAP was searched for. However, your configuration seems to search by sAMAccountName and return the sAMAccountName. The default resolver does this without querying LDAP. :-) I think that if you simply restored the default resolver the OpenDS authentication should start working. Adam On 3/7/2011 18:42, Aaron wrote: > I am trying to get CAS to work with Active Directory and Fall through to > users in an OpenDS ldap. The authentication works fine in AD but if I login > with a user that only exist in OpenDS it does not work. I can see the user > is looked up in the ldap logs but never authenticates. > > Can someone look over my deployerconfigcontext file and let meknow what I > have done wrong? > > Thanks in advance. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
