Using a different LDAP attribute for the principal ID for Google Apps SAML only?
Brodie Rao
brodie.rao at cpcc.edu
Wed Jul 9 14:35:40 EDT 2008
I'm using CAS server 3.2.1 with an LDAP server and I'd like to have it
use a different attribute for finding the principal ID for Google Apps
SAML requests. Is it possible to configure the CAS server to send a
different principal ID for SAML requests? More specifically, I want it
to return the mailNickname LDAP attribute for Google Apps, and
sAMAccountName for any other request (which is the attribute queried on
by the LDAP authentication handler).
If that's not possible, is it possible to configure a second instance of
the CAS server mounted at a different URL that shares the same ticket
store as the first server? That way I could point Google Apps to that
second instance, and keep existing applications pointed at the first
instance.
More information about the cas
mailing list