> I'm pretty sure I saw how to do this before but I want to have CAS take in > either email address or userid from the login screen but store CN as the > Principal.
There are two steps to this: 1. Use BindLdapAuthenticationHandler with a filter that performs a search on either email or userid, e.g. <property name="filter" value="(|(userid=%u)(email=%u))" /> 2. Use CredentialsToLDAPAttributePrincipalResolver to resolve a new principal based on CN once authentication has succeeded http://www.ja-sig.org/wiki/display/CASUM/LDAP is a good reference for LDAP authentication in general. http://www.ja-sig.org/wiki/display/CASUM/Attributes has an example of CredentialsToLDAPAttributePrincipalResolver. M -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
