Is it possible do different authentication based on different SP?

Kevin P. Foote kpfoote at
Wed Aug 15 22:00:03 EDT 2012

Give the Engineering group an "engineering" attribute, and the sales folks a "sales" attribute at the IdP. On the SP side require one or the other for authz. 

Yaowen Tu <yaowen.tu at> wrote:

>1. I have an IdP that connect to a LDAP.
>2. I am using OOTB edu.vt.middleware.ldap.jaas.LdapLoginModule to do the
>real authentication.
>3. The LDAP has two groups e.g. Engineering and Sales
>4. There are two SPs that connect to this IdP.
>Is it possible or how to support: Allow Engineering users to login to SP1
>and Sales users to login to SP2?
>If it is not possible to do this through IdP, anyone know what is the
>standard way to achieve it?
>To unsubscribe from this list send an email to users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list