Hello,
Thanks to ldaptive, you need to add all your servers in the ldapUrl property,
separated by a space.
<bean id="abstractConnectionConfig" abstract="true"
class="org.ldaptive.ConnectionConfig"
p:connectTimeout="${ldap.connectTimeout}"
p:responseTimeout="${ldap.responseTimeout}"
p:useStartTLS="${ldap.useStartTLS}"
p:useSSL="${ldap.useSSL}"
p:ldapUrl="${ldap.url.EMEA} ${ldap.url.NA} ${ldap.url.APAC}"
p:sslConfig-ref="sslConfig" />
In my config, ldap.url.EMEA,ldap.url.NA,ldap.url.APAC are declared in
WEB-INF/cas.properties with the following:
ldap.url.EMEA=ldaps://servername
ldap.url.NA=ldaps://servername
ldap.url.APAC=ldaps://servername
Ldaptive will try servers in sequence. If the first server is not working, it
will go on the second one, etc. If all servers are down, I think CAS won’t
start.
Hope this helps,
Michael
Michaël Todorovic
IT Security Engineer, Systems Team
S&P Capital IQ / Real-Time Solutions
[cid:[email protected]]<https://twitter.com/QuantHouseNews>
[cid:[email protected]]
<http://www.linkedin.com/company/121040?trk=tyah>
From: Andrew Skiba [mailto:[email protected]]
Sent: 10 September 2014 11:51
To: [email protected]
Subject: [cas-user] Support 2 LDAP servers
Hello all.
I need to configure our CAS server to work with 2 LDAP URLs for redundancy. As
the URL is specified in org.ldaptive.ConnectionConfig, it looks like I need to
specify 2 configs, then 2 connection factories, then 2 connection pools, 2
PooledBindAuthenticationHandler beans, 2 Authenticator beans and finally 2
LdapAuthenticationHandlers to PolicyBasedAuthenticationManager.
This solution is not only ugly, it also does not work. When one of the URLs is
not accessible, Spring context does not come up, throwing an exception.
So what's the best way to achieve this goal?
Thanks for any insights.
Andrew.
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
________________________________
The information contained in this message is intended only for the recipient,
and may be a confidential attorney-client communication or may otherwise be
privileged and confidential and protected from disclosure. If the reader of
this message is not the intended recipient, or an employee or agent responsible
for delivering this message to the intended recipient, please be aware that any
dissemination or copying of this communication is strictly prohibited. If you
have received this communication in error, please immediately notify us by
replying to the message and deleting it from your computer. McGraw Hill
Financial reserves the right, subject to applicable local law, to monitor,
review and process the content of any electronic message or information sent to
or from McGraw Hill Financial e-mail addresses without informing the sender or
recipient of the message. By sending electronic message or information to
McGraw Hill Financial e-mail addresses you, as the sender, are consenting to
McGraw Hill Financial processing any of your personal data therein.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
