Thanks Philippe ! (|(cn=%u)(mail=%u)) works fine Regards
2012/9/14 Philippe Marasse <[email protected]> > Hello, > > Usually, we leave two or three way for our users to authenticate against > AD : common name (actually first part of email), full email or windows > login, the ldap filter looks like : (|(cn=%u)(email=%u)(**samAccountName=%u)). > Beware that this kind of ldap filter should find at most one entry. > > Rgds. > > Le 14/09/2012 10:41, tom duca a écrit : > >> Hi everybody, >> I'm discovering cas server (i'm beginner !) >> and i've installed cas server 3.5.0 with tomcat6 on RHEL6. >> I've succeded to configure cas server to authenticate active directory >> users. >> In the deployerConfigContext.xml file i've specified : >> <bean class="org.jasig.cas.adaptors.**ldap.**BindLdapAuthenticationHandler" >> p:filter="cn=%u" p:searchBase="dc=mydomain,dc=**com" >> p:contextSource-ref="**contextSource" p:**ignorePartialResultException="* >> *true"/> >> <bean id="contextSource" class="org.springframework.**ldap.core.support. >> **LdapContextSource"> >> <property name="pooled" value="false"/> >> <property name="url" value="ldap://LDAP-SERVER-IP"/ >> <ldap://LDAP-SERVER-IP%22/>> >> >> <property name="userDn" value="cn=userldap,ou=Users,** >> dc=mydomain,dc=com"/> >> <property name="password" value="passworduserldap"/> >> <property name="**baseEnvironmentProperties"> >> <map> >> <entry key="com.sun.jndi.ldap.**connect.timeout" value="3000"/> >> <entry key="com.sun.jndi.ldap.read.**timeout" value="3000"/> >> <entry key="java.naming.security.**authentication" value="simple"/> >> </map> >> </property> >> </bean> >> Now, i wold like to authenticate users with either their email address, >> either their username. >> (authenticate username already works fine) >> Do you know where would i specify this please ? >> for example, can i specify several filters as p:filter="cn=%u" ? >> Thanks a lot, >> Tom DUCA >> -- >> You are currently subscribed to [email protected] as: >> philippe.marasse@ch-poitiers.**fr <[email protected]> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/**display/JSG/cas-user<http://www.ja-sig.org/wiki/display/JSG/cas-user> >> > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
