Hi, Our school just start to use CAS? In our school, we have applicants that have account in our Luminis LDAP, but no AD accounts yet. We still want to give them access to our Luminis portal. In Luminis 4, we have configured EAS to define what LDAP to use for each role (of course, most users are authenticated against AD). We look up the role of the user who is trying to login inside Luminis LDAP and then determine if Luminus LDAP or AD to authenticate against. Is this do-able inside CAS?
We were told by Elluciaon to use CAS fall through (against 2 ldaps in sequential order), but that leads to a security hole that once a person leaves and AD being terminated, we still have to terminate his Luminis LDAP account. I am just wondering if other school are in the same boat. How do you handle this? Thank you. Qiong -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
