different external AD for different acr

By: Sakit Atakishiyev user 30 Oct 2020 at 5:15 a.m. CDT

2 Responses
Sakit Atakishiyev gravatar
Hello. I have three different custom `authentication_scripts`. All authentication happens in remote active directory. But I want to each `acr` use own remote server for authentication. For example I have `basic` and `custom_basic` custom authentication scripts and `AD1` and `AD2` remote active directories configured. Now when user login with `basic` I want to authenticate this user in only `AD1`, else if acr is `custome_basic` then use `AD2`. Is there any way to do this in version `4.2`? I checked the source code. `AuthenticationServiceauthenticate` class has method `authenticate(GluuLdapConfiguration ldapAuthConfig, PersistenceEntryManager ldapAuthEntryManager, String keyValue, String password, String primaryKey, String localPrimaryKey)` can I use method with interceptor scripts?
CentOS 7.0
closed

Answers

By Michael Schwartz Account Admin 30 Oct 2020 at 10:46 a.m. CDT

Copy
Michael Schwartz gravatar
See the Casa script for ideas about how to switch between different scripts. There is also a router script which may give you some ideas [https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/acr_router](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/acr_router)

By Sakit Atakishiyev user 31 Oct 2020 at 12:16 a.m. CDT

Copy
Sakit Atakishiyev gravatar
Let me clarify my question. I don't want switch acr. When we authroize the user system check all external AD until one of them return true. I want don't loop all AD so I want acr use exactly AD which I send as parameter

Post an answer