Multiple Logon Credentials

Peter Schober peter.schober at
Wed Sep 21 13:47:58 BST 2011

* Miller, Greg <gmiller at> [2011-09-21 14:45]:
> I am attempting to offer our users the ability to logon to the
> Shibboleth IdP with either their "cn" or "mail" attribute in
> LDAP. This would give users the option of logging in with their
> NetID or their email address.
>         <FilterTemplate>
>             <![CDATA[
>                 (cn=$requestContext.principalName)
>             ]]>
>         </FilterTemplate>
> I suspect that I need to modify the "FilterTemplate" directive, but
> I am not sure how to do so. I have reviewed the list archives and
> the relevant documentation, but am still not sure how to configure
> this correctly.

It's just an LDAP search filter (RFC4515), so I'd try


inside the CDATA section.

More information about the users mailing list