Authentication Fail-over

Nate Klingenstein ndk at sudonym.me
Sat Apr 30 03:49:47 EDT 2016


Joel,

I think it would be easiest to accomplish this entire in JAAS.  It has the sufficiency and fallback capabilities that you’re looking for largely built-in.  Only if you want or need to interact further with the user would I try to do anything in the IdP itself.

Taking the late train,
Nate.

> On Apr 29, 2016, at 18:05, Joel Levin <joel.aaron.levin at gmail.com> wrote:
> 
> Hi List:
> 
> Is it possible to configure authentication such that -- if JAAS authenticationfails - authentication is via LDAP?
> 
> Rationale: As accounts are create first in the DB versus LDAP - we wish to authenticate against the DB - but if DB is down - there can be  fail-over to LDAP.
> 
> Thanks
> -- 
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net



More information about the users mailing list