Good morning, John,
If your LDAP server is set up to allow anonymous searches, then the contextSource used for attribute lookup does not need the userDn and password properties to be set. You can then use the same contextSource for fast-bind authentication. We use this setup exclusively; anonymous clients are forced to read-only access and receive a limited set of attributes, which works well for our purposes. Best regards, -- Carlos. From: Ourada, John [mailto:[email protected]] Sent: Monday, 10 December, 2012 09:46 To: [email protected] Subject: RE: [cas-user] LDAP Configuration Question If I understand correctly, I don’t supply the user-id/pw combination when using fast-bind authentication, but I need to provide it to obtain LDAP attributes, thus two different ContextSource’s: one with a userid/pw combination and one without. -John From: Modi Tamam [mailto:[email protected]] Sent: Sunday, December 09, 2012 9:07 AM To: [email protected] Subject: Re: [cas-user] LDAP Configuration Question Why not to use the same contextSources ? On Wed, Dec 5, 2012 at 11:40 PM, Andrew Morgan <[email protected]> wrote: ere will be two different contextSource's: one for FastBindLdapAuthenticationHandler and one for -- Best Regards Mordechai Tamam -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
