...
```
ShibUserPassAuth {
    edu.vt.middleware.ldap.jaas.LdapLoginModule required
    ldapUrl="ldap://ldap1.example.org:636 ldap://ldap2.example.org:636"
    ssl="true"
    connectionHandler="edu.vt.middleware.ldap.handler.DefaultConnectionHandler{{connectionStrategy=ACTIVE_PASSIVE}{connectionRetryExceptions=javax.naming.CommunicationException}}"
    timeout="1000"
    baseDn="ou=users,dc=example,dc=org"
    subtreeSearch="true"
    userFilter="uid={0}"
    bindDn="<ldapservicedn>"
    bindCredential="<password>";
};
```
...
```
connectionHandler="edu.vt.middleware.ldap.handler.TlsConnectionHandler{{connectionStrategy=ACTIVE_PASSIVE}{connectionRetryExceptions=javax.naming.CommunicationException}}"
```
To test that this works, have all LDAP servers running, start up the IdP, and then disconnect the first LDAP server. If authentication and attribute resolution still work without an unreasonably long delay, the configuration works.
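A pre-check for the failover test described above, as an added example that is not part of the original page or of vt-ldap: it reads `ldapUrl` and `timeout` from a JAAS stanza and probes each server in listed order over plain TCP, showing which server a client would land on and how long the unreachable one costs. The function names, the sample stanza and the reading of `timeout` as milliseconds are assumptions; the probe performs no TLS handshake or LDAP bind.

```python
import re
import socket
import time
from urllib.parse import urlparse

# Constructed sample stanza mirroring the page's settings; hosts are placeholders.
SAMPLE_JAAS = '''
ShibUserPassAuth {
  edu.vt.middleware.ldap.jaas.LdapLoginModule required
  ldapUrl="ldap://ldap1.example.org:636 ldap://ldap2.example.org:636"
  timeout="1000";
};
'''

def jaas_option(text, name):
    """Return the value of a name="value" option from a JAAS stanza."""
    m = re.search(r'\b' + re.escape(name) + r'="([^"]*)"', text)
    if m is None:
        raise KeyError(name)
    return m.group(1)

def probe_in_order(jaas_text):
    """Try each ldapUrl entry in listed order; return (first reachable URL, tries).

    tries is a list of (url, reachable, seconds). The probe only checks TCP
    reachability within the configured timeout (assumed to be milliseconds).
    """
    timeout_s = int(jaas_option(jaas_text, "timeout")) / 1000.0
    tries, chosen = [], None
    for url in jaas_option(jaas_text, "ldapUrl").split():
        parts = urlparse(url)
        port = parts.port or (636 if parts.scheme == "ldaps" else 389)
        start = time.monotonic()
        try:
            with socket.create_connection((parts.hostname, port), timeout=timeout_s):
                ok = True
        except OSError:  # refused, timed out, unresolvable host
            ok = False
        tries.append((url, ok, time.monotonic() - start))
        if ok:
            chosen = url
            break
    return chosen, tries

if __name__ == "__main__":
    chosen, tries = probe_in_order(SAMPLE_JAAS)
    for url, ok, secs in tries:
        print(f"{url}: {'up' if ok else 'DOWN'} after {secs:.2f}s")
    print("would fail over to:", chosen)
```

Run it once with all servers up and again after disconnecting the first one; the second run should report the first URL as down and the next one as the server reached.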
...