Very useful information. How to keep all these LDAPs data in sync ? Should that be done manually to sync all the data across LDAPs.
Thanks Jay On Wed, Sep 10, 2014 at 11:04 AM, Todorovic, Michael < [email protected]> wrote: > Hello, > > Thanks to ldaptive, you need to add all your servers in the ldapUrl > property, separated by a space. > > <bean id="abstractConnectionConfig" abstract="true" > > class="org.ldaptive.ConnectionConfig" > > p:connectTimeout="${ldap.connectTimeout}" > > p:responseTimeout="${ldap.responseTimeout}" > > p:useStartTLS="${ldap.useStartTLS}" > > p:useSSL="${ldap.useSSL}" > > p:ldapUrl="${ldap.url.EMEA} ${ldap.url.NA} > ${ldap.url.APAC}" > > p:sslConfig-ref="sslConfig" /> > > > > In my config, ldap.url.EMEA,ldap.url.NA,ldap.url.APAC are declared in > WEB-INF/cas.properties with the following: > > ldap.url.EMEA=ldaps://servername > > ldap.url.NA=ldaps://servername > > ldap.url.APAC=ldaps://servername > > > > Ldaptive will try servers in sequence. If the first server is not working, > it will go on the second one, etc. If all servers are down, I think CAS > won’t start. > > > > Hope this helps, > > Michael > > > > *Michaël Todorovic* > > IT Security Engineer, Systems Team > > S&P Capital IQ / Real-Time Solutions > > > > [image: Description: icon-twitter] <https://twitter.com/QuantHouseNews> > [image: > Description: icon-linkedIn] > <http://www.linkedin.com/company/121040?trk=tyah> > > > > *From:* Andrew Skiba [mailto:[email protected]] > *Sent:* 10 September 2014 11:51 > *To:* [email protected] > *Subject:* [cas-user] Support 2 LDAP servers > > > > Hello all. > > > > I need to configure our CAS server to work with 2 LDAP URLs for > redundancy. As the URL is specified in org.ldaptive.ConnectionConfig, it > looks like I need to specify 2 configs, then 2 connection factories, then 2 > connection pools, 2 PooledBindAuthenticationHandler beans, 2 Authenticator > beans and finally 2 LdapAuthenticationHandlers to > PolicyBasedAuthenticationManager. > > > > This solution is not only ugly, it also does not work. When one of the > URLs is not accessible, Spring context does not come up, throwing an > exception. > > > > So what's the best way to achieve this goal? > > > > Thanks for any insights. > > > > Andrew. > > > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > ------------------------------ > The information contained in this message is intended only for the > recipient, and may be a confidential attorney-client communication or may > otherwise be privileged and confidential and protected from disclosure. If > the reader of this message is not the intended recipient, or an employee or > agent responsible for delivering this message to the intended recipient, > please be aware that any dissemination or copying of this communication is > strictly prohibited. If you have received this communication in error, > please immediately notify us by replying to the message and deleting it > from your computer. McGraw Hill Financial reserves the right, subject to > applicable local law, to monitor, review and process the content of any > electronic message or information sent to or from McGraw Hill Financial > e-mail addresses without informing the sender or recipient of the message. > By sending electronic message or information to McGraw Hill Financial > e-mail addresses you, as the sender, are consenting to McGraw Hill > Financial processing any of your personal data therein. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
