[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: LDAP Url failover Issue with UnboundID / V4
From:       Jarno Huuskonen <jarno.huuskonen () uef ! fi>
Date:       2020-12-21 13:39:10
Message-ID: aeb1cd853cd317491236b100ea095d63c08817bf.camel () uef ! fi
[Download RAW message or body]

Hi,

On Mon, 2020-11-09 at 19:05 +0100, Etienne Dysli Metref wrote:
> On 09/11/2020 18.50, Etienne Dysli Metref wrote:
> > > Does IdP expose ldaptive / unboundID connection strategy / failoverset
> > > settings for authn ?
> > 
> > AFAIK v3 doesn't. We're currently running with only one LDAP URL, until
> > I can hack enough Spring beans together to change the connection
> > strategy to active-passive for password authentication.

Thanks Etienne.
Have you looked if idp-4.0.1 exposes ACTIVE_PASSIVE ConnectionStrategy by
default ?

I think we'd like to use two pools for authentication: pool1 for local
servers(two) and pool2 for servers in remote data center and have
active_passive set for both pools(with fairly short timeouts) and try to use
local servers(pool1) first and if that fails then use pool2 (with chained
CredentialValidator).

Are chained CredentialValidator tried in sequence ?

-Jarno

> Here are my changes to conf/authn/ldap-authn-config.xml
...

-- 
Jarno Huuskonen

-- 
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]