Custom Login Handlers? LDAP Authentication
Royder, Kyle D
kroyder at austin.utexas.edu
Thu Feb 28 14:33:44 EST 2013
Thanks for the help Scott. This put me on a different search path of the users list and there seem to be a lot of discussion surrounding using a search filter vs implementing something in LDAP itself. Looks like I have a few options moving forward.
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Thursday, February 28, 2013 12:19 PM
To: Shib Users
Subject: Re: Custom Login Handlers? LDAP Authentication
On 2/28/13 1:03 PM, "Royder, Kyle D" <kroyder at austin.utexas.edu> wrote:
>We use LDAP for authentication and attribute queries. We are wanting
>throw authentication errors if certain LDAP attributes are set certain
>ways and now allow the user to create an IdP session.
Well, normally I think you do that with LDAP by adjusting the search
filter that looks up the DN for binding. If you can't express it in a
simple search filter, there may be additional plug points in the vt-ldap
(now ladaptive) code that would let you do this by developing the
extension there rather than having to do a custom login handler.
The author's on the list, he would know and can comment.
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users