stacking login handlers

David Bantz dabantz at
Fri May 9 16:10:54 EDT 2014

This works perfectly just as Scott says; here’s the snippet from description of LDAP:


and for AD:


On Fri, 9 May 2014, at 09:55 , Cantor, Scott <cantor.2 at> wrote:

> On 5/9/14, 1:39 PM, "Carsey, Robert" <rcarsey at> wrote:
>> So my users insist on being able to logon using their username OR their
>> e-mail address.  I know I can stack login handlers, so I have two entries
>> in login.config ­ one for sAMAccountName; one for UserPrincipalName (i.e.
>> their email address).
> You don't really have to do that with LDAP, that's the only thing it has
> going for it, you just specify a search filter that handles either choice,
> one JAAS module only.
>> However, while I¹m certain this will allow login using email address as
>> username;  I don¹t believe it will work OK when it comes time to resolve
>> some attributes; as my LDAP resolver in attribute-resolver.xml have a
>> filter template of:
> So you also have to change the filter there to add an "or" pipe.
>> So is it a matter of me rewriting the filtertemplate somehow to handle
>> both cases where the user typed in his username (samaccountname) OR his
>> email address (userprincipalname) ?
> Yes.
> -- Scott
> --
> To unsubscribe from this list send an email to users-unsubscribe at

-------------- next part --------------
An HTML attachment was scrubbed...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : 

More information about the users mailing list