> How I can do a subtree searches? I just reviewed the source and subtree is the default. You can modify the search scope with the scope property of BindLdapAuthenticationHandler. Acceptable values are integers defined in the public constants of http://docs.oracle.com/javase/6/docs/api/javax/naming/directory/SearchControls.html.
> Yes descendent is same but I want to limit search to only to two user OUs > that is Staff and Students. Any examples?? There's no way to say "search only these branches of a subtree." You could produce equivalent results by including an attribute as part of your search filter that has some unique value for users in those branches: filter="(&(mail=%u)(someotherattribute=uniquevalue))" If you can't meet the requirement of a unique attribute value for uses in those OUs, then the only alternative would be to define two separate handlers per the suggestion made earlier. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
