Thanks for the reply ! I was indeed referring to that particular class. (DirectMappingAuthenticationManagerImpl.java) From what I read I was under the impression I could directly link a CredentialsToPrincipalResolver to a specific AuthenticationHandler. E.g. Tell the specific bean with the BindLdapAuthenticationHandler that it should use a particular CredentialsToLDAPAttributePrincipalResolver
As I posted before I have 3 AuthenticationHandlers (AD, LDAP, MySQL) and 3 (root) CredentialsToPrincipalResolvers. Looking at the debugging log I can see how CAS iterates over all of the the CredentialsToPrincipalResolvers for each login, regardless of whether the login was succesfull wia AD, LDAP or MySQL. Iterating over the AuthenticationHandlers isn't an issue IMO (and it works perfectly as well since usernames are unique across the 3 authentication sources). In all honesty, neither is iterating over the CredentialsToPrincipalResolvers, but as I said: I'm curious by nature, so I thought there was no reason not to ask for some information about it. It just seemed kind of silly that the system tries to resolve e.g. the principal's attributes via AD, when the user's credentials were checked via MySQL. In reality that could be a possibility, but in our specific case, such overlap does not exist. -- View this message in context: http://www.nabble.com/Direct-Mapping-AuthenticationManager-tp24539351p24545364.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
