stacking login handlers

Cantor, Scott cantor.2 at
Fri May 9 13:55:29 EDT 2014

On 5/9/14, 1:39 PM, "Carsey, Robert" <rcarsey at> wrote:

>So my users insist on being able to logon using their username OR their
>e-mail address.  I know I can stack login handlers, so I have two entries
>in login.config ­ one for sAMAccountName; one for UserPrincipalName (i.e.
>their email address).

You don't really have to do that with LDAP, that's the only thing it has
going for it, you just specify a search filter that handles either choice,
one JAAS module only.

>However, while I¹m certain this will allow login using email address as
>username;  I don¹t believe it will work OK when it comes time to resolve
>some attributes; as my LDAP resolver in attribute-resolver.xml have a
>filter template of:

So you also have to change the filter there to add an "or" pipe.

>So is it a matter of me rewriting the filtertemplate somehow to handle
>both cases where the user typed in his username (samaccountname) OR his
>email address (userprincipalname) ?


-- Scott

More information about the users mailing list