How to configure multiple RemoteUser Auth URLs on IDP v3 ?

Cantor, Scott cantor.2 at
Wed Apr 20 22:49:58 EDT 2016

On 4/20/16, 6:55 PM, "Cantor, Scott" <cantor.2 at> wrote:

>>Here is how I set up "enhanced" login on IDP v2 in handler.xml
>There is no direct equivalent, and it isn't really something you can do easily without learning at least some minimal Spring Web Flow to be able to copy and adapt the existing flows. It's mostly cut and paste more than really learning it, but it isn't trivial.

I should note, there are some ways to support this general scenario, but it was with the Password flow + JAAS, not RemoteUser. I designed in a ton of flexibility for combining JAAS methods into one flow, including use of different AuthnContextClassRefs to trigger them, because that's what I used to use.

I don't use RemoteUser, so I didn't spend the time designing in that flexibility there, but I probably could cook something up in 3.3 if you file a request for it. What's probably needed is a map of different RemoteUser endpoints with custom Principal sets, so the flow can dispatch to the right one based on the request.

I could probably knock something out that would be fairly easy to slap on top of 3.2 and check it in within a week or two. You're not the first to ask about it, so it's obviously in demand.

-- Scott

More information about the users mailing list