...
- authenticationDuration - length of time in minutes that the authentication method associated with this login handler is active; default: 30 minutes
- authenticationServletURL - context-relative path to the servlet responsible for collecting using credentials and authenticating the user; default: /Authn/UserPassword
...
| Code Block | ||
|---|---|---|
| ||
ShibUserPassAuth {
edu.vt.middleware.ldap.jaas.LdapLoginModule required
ldapUrl="ldap://ldap1.example.org:636 ldap://ldap2.example.org:636"
ssl="true"
connectionHandler="edu.vt.middleware.ldap.handler.DefaultConnectionHandler{{connectionStrategy=ACTIVE_PASSIVE}{connectionRetryExceptions=javax.naming.CommunicationException}}"
timeout="1000"
baseDn="ou=users,dc=example,dc=org"
subtreeSearch="true"
userFilter="uid={0}"
bindDn="<ldapservicedn>"
bindCredential="<password>";
};
|
...
| Code Block |
|---|
connectionHandler="edu.vt.middleware.ldap.handler.TlsConnectionHandler{{connectionStrategy=ACTIVE_PASSIVE}{connectionRetryExceptions=javax.naming.CommunicationException}}"
|
The test to make sure this works is to have all LDAP servers running, start up the IdP and then disconnect the first LDAP server. If authentication and attribute resolution still works without an unreasonable long delay.
...