stacking login handlers

[David Bantz]

This works perfectly just as Scott says; here’s the snippet from description of LDAP:

 userField="uid,uasystemid,bannerid”;

and for AD:

userField="sAMAccountName,uaIdentifier";

On Fri, 9 May 2014, at 09:55 , Cantor, Scott <cantor.2 at osu.edu> wrote:

> On 5/9/14, 1:39 PM, "Carsey, Robert" <rcarsey at monmouth.edu> wrote:
> 
>> So my users insist on being able to logon using their username OR their
>> e-mail address.  I know I can stack login handlers, so I have two entries
>> in login.config ­ one for sAMAccountName; one for UserPrincipalName (i.e.
>> their email address).
> 
> You don't really have to do that with LDAP, that's the only thing it has
> going for it, you just specify a search filter that handles either choice,
> one JAAS module only.
> 
>> 
>> However, while I¹m certain this will allow login using email address as
>> username;  I don¹t believe it will work OK when it comes time to resolve
>> some attributes; as my LDAP resolver in attribute-resolver.xml have a
>> filter template of:
> 
> So you also have to change the filter there to add an "or" pipe.
> 
>> So is it a matter of me rewriting the filtertemplate somehow to handle
>> both cases where the user typed in his username (samaccountname) OR his
>> email address (userprincipalname) ?
> 
> Yes.
> 
> -- Scott
> 
> 
> 
> 
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140509/b5d10e7c/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://shibboleth.net/pipermail/users/attachments/20140509/b5d10e7c/attachment.bin