Hi all, My friend and I are starting a small business, and I would like to set up Apache Directory Server as a great alternative to Active Directory. My experience is mostly with AD, and I have a bit of experience with Open Ldap. We have already set up Google Hosted services, and I'd like to create a plug in to DS to use Google's SAML web service. Is it possible to create a custom plugin, similar to the one here
http://cwiki.apache.org/confluence/display/DIRxSRVx11/Implementing+an+alternative+Backend. The behavior I would want is the following. 1. Try to authenticate locally 2. If the user doesn't exist, or the password fails, try to log in with the SAML service 3. If the SAML service authenticates, synchronize the user name and password. We're only going to have one root DN. Is it possible to do this, or is there no way to chain the authentication schemes together? Thanks, Todd
