If you haven't seen it, this site gives examples: http://jasig.275507.n4.nabble.com/CAS-Multiple-BindLdapAuthenticationHandler-td2133071.html
Linda Toth University of Alaska - Office of Information Technology (OIT) - Identity and Access Management 910 Yukon Drive, Suite 103 Fairbanks, Alaska 99775 Tel: 907-450-8320 Fax: 907-450-8381 [email protected] | www.alaska.edu/oit/ On Sun, May 11, 2014 at 8:48 AM, Richard Frovarp <[email protected]> wrote: > We had that situation. How you handle it is going to depend on your > situation. My best advice is to avoid the situation at all costs. > > If the two authentication sources are mutually exclusive, and there is > absolutely not potential for username overlap (at least when it is a > different person), then you can configure one CAS server for both auth > sources. > > If there is any chance that the same username might be in both (or more) > systems but represent a different person, I would have a separate CAS > server for each one. The follow on challenge is that each application would > need to have as many login links as there are CAS auth sources for that > application. At this point in time we have three CAS servers running, going > against three different authentication sources. Now each one serves vastly > different user populations, and the login pages are branded appropriately. > None of the systems guarantee that if the username is the same, the user is > the same. Two will for a certain username format (both are driven from the > same IAM), but local accounts might not line up. > > > On Sun, May 11, 2014 at 7:16 AM, wallace <[email protected]> > wrote: > >> Does any other university have this situation -- multiple auth sources? >> How do you handle it ... >> *1 cas server config'd for both auth sources? >> *2 separate cas servers each config'd for its auth source? >> >> Help greatly appreciated. >> Thanks. >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
