One IdP serving separate security (LDAP) domains
Cantor, Scott
cantor.2 at osu.edu
Wed Apr 3 15:09:38 EDT 2013
On 4/3/13 2:57 PM, "Alan Angulo (live at edu admin)" <alan at live.esu.edu>
wrote:
>I'm trying to setup one IdP to serve 2 separate security domains (ex.
>DOMX.EDU and DOMY.EDU).
The software doesn't know about domains as a concept, so there's something
you mean by it that you'll have to be more explicit about.
>I followed the documentation for IdPMultipleLDAP
>(https://wiki.shibboleth.net/confluence/display/SHIB2/IdPMultipleLDAP)
>but that applies only to multiple LDAPs in the same security domain.
I don't think it has anything to say about the question. Skimming it, I
don't see how it would be any different apart from the details that will
be totally specific to any site's needs.
One issue I can think of that you might mean would be that usernames in
your two directories aren't unique. In that event, I would guess you
either have to require users to enter the domain as part of the username,
or you need two IdPs.
-- Scott
More information about the users
mailing list