Multiple Logon Credentials
Miller, Greg
gmiller at richmond.edu
Wed Sep 21 13:56:33 BST 2011
Yes, that works beautifully. Thank you.
Greg Miller
University of Richmond
gmiller at richmond.edu
-----Original Message-----
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Peter Schober
Sent: Wednesday, September 21, 2011 8:48 AM
To: users at shibboleth.net
Subject: Re: Multiple Logon Credentials
* Miller, Greg <gmiller at richmond.edu> [2011-09-21 14:45]:
> I am attempting to offer our users the ability to logon to the
> Shibboleth IdP with either their "cn" or "mail" attribute in
> LDAP. This would give users the option of logging in with their
> NetID or their @richmond.edu email address.
[...]
> <FilterTemplate>
> <![CDATA[
> (cn=$requestContext.principalName)
> ]]>
> </FilterTemplate>
>
> I suspect that I need to modify the "FilterTemplate" directive, but
> I am not sure how to do so. I have reviewed the list archives and
> the relevant documentation, but am still not sure how to configure
> this correctly.
It's just an LDAP search filter (RFC4515), so I'd try
(|(cn=$requestContext.principalName)(mail=$requestContext.principalName))
inside the CDATA section.
-peter
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list