Using two dataconnectors for one service provider

Bryan E. Wooten bryan.wooten at
Wed Apr 2 09:41:36 EDT 2014

Strange, I was just on a call with Box for our Shib integration 2 weeks ago.

No mention of AD group membership. As a matter of fact they did not want us to release group memberships in the SAML assertion. They also recommended we not use their API for groups either. They said most U's don't use the API.

In your integration do they want direct access to your Active Directory? That sounds like a bad idea.


From: users-bounces at [mailto:users-bounces at] On Behalf Of Vignesh, Vanna G.
Sent: Wednesday, April 02, 2014 7:27 AM
To: users at
Subject: Using two dataconnectors for one service provider

Our Idp uses authldap as the only data connector. One of the SPs ( provisioning) requires the user should be in AD security group too. All the mandatory attributes will be from authldap.
The user should not get successful authentication if he is not in that AD group. How can I handle this?
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list