> i need to authenticate a person against two ldap, but the same person could > have two different accounts(credential/password)
This is going to be tricky, because resolvers evaluate appropriateness based on the credential type. So you can have multiple resolvers for different credentials, but multiple resolvers for the same credential type, in your case UsernamePasswordCredentials, will always result in the first appropriate one short circuiting the remaining. In your case you will need a custom CredentialsToLDAPAttributePrincipalResolver that can take a list of AuthenticatedLdapContextSource instances, one for each of your target environments, and do a search/bind on each and return the principal for the first successful bind. I wonder if such a use case is common enough to merit out-of-the-box support for this in an upcoming CAS release. Please speak up if you have such a requirement. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
