Our LDAP infrastructure happens to have a split directory tree; an LDAP proxy unifies the DITs. Consequently for us, the search validator does not hit the actual back ends containing credentials, meaning it’s theoretically possible (though unlikely) for the search validator to return “success” when all back ends are failed. The validateOnCheckOut setting looks to have the same limitation (baseDn=“”).
Q: I assume the “old” style of configuring LDAP with Spring Beans is still supported in 4.2.x (cf. <https://gist.github.com/serac/5886858> https://gist.github.com/serac/5886858). Correct? Correct. Q: Given Spring Boot in CAS 5, will it be possible to declare search validator search base, filter and responseTime? Or is code required? It is possible; just not accounted for. You’re welcome to submit an issue (and old style is also supported in 5) -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/01e501d236e3%24653c4350%242fb4c9f0%24%40unicon.net.
