Authentication Fail-over

Nate Klingenstein ndk at
Sat Apr 30 03:49:47 EDT 2016


I think it would be easiest to accomplish this entire in JAAS.  It has the sufficiency and fallback capabilities that you’re looking for largely built-in.  Only if you want or need to interact further with the user would I try to do anything in the IdP itself.

Taking the late train,

> On Apr 29, 2016, at 18:05, Joel Levin <joel.aaron.levin at> wrote:
> Hi List:
> Is it possible to configure authentication such that -- if JAAS authenticationfails - authentication is via LDAP?
> Rationale: As accounts are create first in the DB versus LDAP - we wish to authenticate against the DB - but if DB is down - there can be  fail-over to LDAP.
> Thanks
> -- 
> To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list