Thomas, Will the user show up in more than one search base?
If the answer is yes, then you probably will need to write some custom code, or to extend the LDAP authentication handlers (there is a way to override just one method that returns what to search for). If the answer is no, you could add multiple LDAP handlers to the list with the appropriate search base. -Scott On Sat, Apr 26, 2008 at 9:15 AM, Thomas Belliard <[EMAIL PROTECTED]> wrote: > Hi, > I'm trying to setup CAS 3.2.1 so that it tries to authenticate users on > different LDAP searchBase values (on the same server) based on the > requesting service, using an extra url parameter. I would end up with > something like this in the deployerConfigContext.xml : > > <bean > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" > > <property name="filter" value="uid=%u" /> > <property name="searchBase" > value="ou=people,dc=%extra_url_param,dc=domain,dc=tld" /> > <property name="contextSource" ref="contextSource" /> > </bean> > > Any idea whether this can be done just by playing around in the config > files, without actually hacking any code? > > The alternative would be to run multiple instances of CAS on the same > server (each with their own proper searchBase), which might in fact be a > better scheme, from a security point of view... > > Thanks, > Thomas > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
