There are posts on this in the user forum - it should be simple to write an LdapUserDetailsService class which just uses the combination of a search bean and authorities populator.
Jason Patterson wrote: > We currently have acegi in place on numerous applications using an > LdapAuthenticationProvider from both authentication and authorization. > We're looking into providing sso via CAS, our acegi filter is wired up > to use CAS, which in turn is wired to use the > LdapAuthenticationProvider, but once authentication passed back we're > stuck with jdbc or in memory dao options to implement the > UserDetailsService for the CasAuthoritiesPopulator even though we > already have all this role information in our ldap store. I'd prefer to > continue pulling it from there. It seems like it could be an elegant > solution allowing all our user data to reside in one store and provide > SSO at the cost of having numerous connection pools open to the ldap > store. Is that more costly than I perceive or is there a better way to > do this? Is an ldap userDetailsService planned? > > > -- Luke Taylor. Monkey Machine Ltd. PGP Key ID: 0x57E9523C http://www.monkeymachine.ltd.uk _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
