Dynamic LDAP searchBase
Thomas Belliard
tb.web at murmuran.net
Sat Apr 26 09:15:08 EDT 2008
Hi,
I'm trying to setup CAS 3.2.1 so that it tries to authenticate users on
different LDAP searchBase values (on the same server) based on the
requesting service, using an extra url parameter. I would end up with
something like this in the deployerConfigContext.xml :
<bean
class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
<property name="filter" value="uid=%u" />
<property name="searchBase"
value="ou=people,dc=%extra_url_param,dc=domain,dc=tld" />
<property name="contextSource" ref="contextSource" />
</bean>
Any idea whether this can be done just by playing around in the config
files, without actually hacking any code?
The alternative would be to run multiple instances of CAS on the same
server (each with their own proper searchBase), which might in fact be a
better scheme, from a security point of view...
Thanks,
Thomas
More information about the cas
mailing list