Thanks again for your help Daniel, The operation of the SearchEntryResolver (user-bind connection) as opposed to the PooledSearchEntryResolver (manager/admin-for-search connection) now makes more sense and I can see why one might want to choose one over the other.
All the best, Adam -- Adam Franco Senior Software Developer Information Technology Services Middlebury College Middlebury, VT 05753 [email protected] 802.443.2244 On Fri, Oct 17, 2014 at 4:36 PM, Daniel Fisher <[email protected]> wrote: > On Fri, Oct 17, 2014 at 3:45 PM, Adam Franco <[email protected] > <mailto:[email protected]>> wrote: > One final question: > > I made an assumption that I should specify a PooledSearchEntryResolver > with a PooledConnectionFactory since that seems to be in line with what the > Ldap setup instructions specify< > https://jasig.github.io/cas/4.0.0/installation/LDAP-Authentication.html> > for the DN resolver. Is there anything else I might be missing or > mis-configuring that would cause other problems? > > It depends on what connection you want the entry resolution to occur on. > If you had supplied a SearchEntryResolver, without a connection factory, > the entry resolution will occur on the same connection as the user bind. > Since you've wired up a PooledSearchEntryResolver, the entry resolution > will occur using a connection from the pool. Some directories are > configured to restrict read access to the user entry, so you'll have to > find the config that works best with your directory. > > --Daniel Fisher > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
