On Wed, 5 Dec 2012, Ourada, John wrote:
As part of our conversion to using LDAP against AD instead of a custom
validator, I am thinking of the following and would like to run it by
the group.
I am planning on using the FastBindLdapAuthenticationHandler since I
only have one OU (People) in which to look and I don't need to any
special searchs.
I am planning on retrieving attributes to be passed back via saml.
There will be two different contextSource's: one for
FastBindLdapAuthenticationHandler and one for LdapPersonAttributeDao.
Does it makes sense and is it supported to use connection pooling for
LdapPersonAttributeDao?
Also, does this setup seem like an appropriate setup, or should I
consider using BindLdapAuthenticationHandler for Authentication.
BTW, I have not upgraded past 3.4.6 yet.
Yes, you certainly can use 2 different contextSources just as you
describe.
In our case, the traffic levels didn't really justify using a connection
pool and connection setup times are very small, so we just use 1 context
source for both authentication and attribute retrieval.
Andy
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
