<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">I’ve found the method-not-allowed message from Spring to be misleading. That’s likely due to missing a CSRF on the login form, but the LDAP overlay shouldn’t have any customizations there.<div class=""><br class=""></div><div class=""> — Justin</div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Jun 6, 2017, at 5:52 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" class="">luiz.omori@duke.edu</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="WordSection1" style="page: WordSection1; font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(255, 255, 255);"><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">The problem is that our LDAP server requires a little bit of customization so it’s a little bit more elaborate, but I just tried and it didn’t work. Ran into another weird issue: I get a 405 when the login page does a POST.<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><ol start="1" type="1" style="margin-bottom: 0in; margin-top: 0in;" class=""><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';"><b class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Request URL:<o:p class=""></o:p></span></b></li></ol><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><a href="http://localhost:8080/patient-openid-connect/login" style="color: purple; text-decoration: underline;" class="">http://localhost:8080/patient-openid-connect/login</a><o:p class=""></o:p></span></div><ol start="2" type="1" style="margin-bottom: 0in; margin-top: 0in;" class=""><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';"><b class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Request Method:<o:p class=""></o:p></span></b></li></ol><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">POST<o:p class=""></o:p></span></div><ol start="3" type="1" style="margin-bottom: 0in; margin-top: 0in;" class=""><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';"><b class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Status Code:<o:p class=""></o:p></span></b></li></ol><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">405 Method Not Allowed<o:p class=""></o:p></span></div><ol start="4" type="1" style="margin-bottom: 0in; margin-top: 0in;" class=""><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';"><b class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Remote Address:<o:p class=""></o:p></span></b></li></ol><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">[::1]:8080<o:p class=""></o:p></span></div><ol start="5" type="1" style="margin-bottom: 0in; margin-top: 0in;" class=""><li class="MsoNormal" style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';"><b class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Referrer Policy:<o:p class=""></o:p></span></b></li></ol><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">no-referrer-when-downgrade<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Here is my security:http (straight from the link you sent):<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:http disable-url-rewriting="true" use-expressions="true"><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:form-login login-page="/login" authentication-failure-url="/login?error=failure" authentication-success-handler-ref="authenticationTimeStamper" /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:intercept-url pattern="/authorize" access="hasRole('ROLE_USER')" /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <span class="Apple-converted-space"> </span><b class=""><span style="color: red;" class=""><security:intercept-url pattern="/**" access="permitAll" /><o:p class=""></o:p></span></b></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:custom-filter ref="authRequestFilter" after="SECURITY_CONTEXT_FILTER" /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:logout logout-url="/logout" /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:anonymous /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:expression-handler ref="oauthWebExpressionHandler" /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:headers><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:frame-options policy="DENY" /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </security:headers><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> <security:csrf /><o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </security:http> <o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><div style="border-style: solid none none; border-top-width: 1pt; border-top-color: rgb(181, 196, 223); padding: 3pt 0in 0in;" class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><b class=""><span style="font-family: Calibri;" class="">From:<span class="Apple-converted-space"> </span></span></b><span style="font-family: Calibri;" class="">Justin Richer <<a href="mailto:jricher@mit.edu" class="">jricher@mit.edu</a>><br class=""><b class="">Date:<span class="Apple-converted-space"> </span></b>Tuesday, June 6, 2017 at 5:24 PM<br class=""><b class="">To:<span class="Apple-converted-space"> </span></b>Luiz Omori <<a href="mailto:luiz.omori@duke.edu" class="">luiz.omori@duke.edu</a>><br class=""><b class="">Cc:<span class="Apple-converted-space"> </span></b>"<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a>" <<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a>><br class=""><b class="">Subject:<span class="Apple-converted-space"> </span></b>Re: [mitreid-connect] Custom AuthenticationProvider<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class="">To be honest, I haven’t personally tested the example LDAP overlay in a while as I don’t have an LDAP server set up to run it against. As a consequence, it might be out of date. Have you tried changing “alias” to “id”?<o:p class=""></o:p></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""> — Justin<o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div><div class=""><blockquote style="margin-top: 5pt; margin-bottom: 5pt;" class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class="">On Jun 6, 2017, at 5:08 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class="">luiz.omori@duke.edu</a>> wrote:<o:p class=""></o:p></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Well, is the LDAP overlay working? That one seems to be using “alias” instead of “id”.</span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Regards,</span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Luiz</span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div><div style="border-style: solid none none; border-top-width: 1pt; border-top-color: rgb(181, 196, 223); padding: 3pt 0in 0in;" class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><b class=""><span style="font-family: Calibri;" class="">From:<span class="apple-converted-space"> </span></span></b><span style="font-family: Calibri;" class="">Justin Richer <<a href="mailto:jricher@mit.edu" style="color: purple; text-decoration: underline;" class="">jricher@mit.edu</a>><br class=""><b class="">Date:<span class="apple-converted-space"> </span></b>Tuesday, June 6, 2017 at 3:34 PM<br class=""><b class="">To:<span class="apple-converted-space"> </span></b>Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class="">luiz.omori@duke.edu</a>><br class=""><b class="">Cc:<span class="apple-converted-space"> </span></b>"<a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class="">mitreid-connect@mit.edu</a>" <<a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class="">mitreid-connect@mit.edu</a>><br class=""><b class="">Subject:<span class="apple-converted-space"> </span></b>Re: [mitreid-connect] Custom AuthenticationProvider</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class="">The new version does upgrade the version of Spring Security and there were a few changes that were required in that upgrade. For one, if you’ve got your auth manager in with “alias” instead of “id”, it can fail in weird ways. Also note that the field names for username and password, as well as the username/password filter, have all changed by default. The other issues had to do with the default session and CSRF behavior in the new version of spring, but that shouldn’t affect the initial login.<span class="apple-converted-space"> </span><o:p class=""></o:p></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> — Justin<o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div><div class=""><blockquote style="margin-top: 5pt; margin-bottom: 5pt;" class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class="">On Jun 6, 2017, at 1:40 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">luiz.omori@duke.edu</span></a>> wrote:<o:p class=""></o:p></div></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Thanks. I took a look and my configuration is very similar. Maybe my problem is elsewhere. The login page shows up but it always fails even with proper username and password (obviously as the authentication provider is not being called). Nothing in the logs at info level and couldn’t find anything useful in debug. Interesting that when I try using a previous MitreID 1.2.x that we have it works. Maybe something new with 1.3.x?</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Regards,</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Luiz</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div><div style="border-style: solid none none; border-top-width: 1pt; border-top-color: rgb(181, 196, 223); padding: 3pt 0in 0in;" class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><b class=""><span style="font-family: Calibri;" class="">From:<span class="apple-converted-space"> </span></span></b><span style="font-family: Calibri;" class="">Justin Richer <<a href="mailto:jricher@mit.edu" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">jricher@mit.edu</span></a>><br class=""><b class="">Date:<span class="apple-converted-space"> </span></b>Monday, June 5, 2017 at 4:33 PM<br class=""><b class="">To:<span class="apple-converted-space"> </span></b>Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">luiz.omori@duke.edu</span></a>><br class=""><b class="">Cc:<span class="apple-converted-space"> </span></b>"<a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">mitreid-connect@mit.edu</span></a>" <<a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">mitreid-connect@mit.edu</span></a>><br class=""><b class="">Subject:<span class="apple-converted-space"> </span></b>Re: [mitreid-connect] Custom AuthenticationProvider</span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class="">MIT has a server that uses a stack of different providers for different authentication methods:<o:p class=""></o:p></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_MIT-2DCSAIL-2DTIG_oidc.csail.mit.edu_blob_master_oidc-2Dmit-2Doverlay_src_main_webapp_WEB-2DINF_user-2Dcontext.xml&d=DwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=bX9mWylWGUk4aJmRHhF98--u7tYmMkrOqvqnMatSQb4&s=a1JjBG13ol3etHvwxtoo2rb1WmqLl1K_VzeVGICxQHY&e=" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">https://github.com/MIT-CSAIL-TIG/oidc.csail.mit.edu/blob/master/oidc-mit-overlay/src/main/webapp/WEB-INF/user-context.xml</span></a><o:p class=""></o:p></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> — Justin<o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><blockquote style="margin-top: 5pt; margin-bottom: 5pt;" class=""><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class="">On Jun 5, 2017, at 1:35 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">luiz.omori@duke.edu</span></a>> wrote:<o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Hi,</span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">We need to be able to authenticate an user using a third party application web service that does the password check and sends back the user details. For that I’ve been trying to implement a custom authentication provider but so far couldn’t make it to work. The constructor is called but neither supports nor authenticate methods are. Using an overlay project for that, overriding user-context.xml with the security:authentication-provider setting pointing to our custom provider. As far as I can see, our project is very similar to the LDAP overlay.</span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Has anybody tried this? If yes, would you mind sending me a skeleton project?</span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Regards,</span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Luiz</span><o:p class=""></o:p></div></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 9pt; font-family: Helvetica; background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">_______________________________________________</span><span style="font-size: 9pt; font-family: Helvetica;" class=""><br class=""><span style="background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">mitreid-connect mailing list</span><br class=""></span><a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Helvetica; color: rgb(149, 79, 114); background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">mitreid-connect@mit.edu</span></a><span style="font-size: 9pt; font-family: Helvetica;" class=""><br class=""></span><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.mit.edu_mailman_listinfo_mitreid-2Dconnect&d=DwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=bX9mWylWGUk4aJmRHhF98--u7tYmMkrOqvqnMatSQb4&s=He3Mte3oSlW53K3UO9iF0wpf8-VnYsIjpOQFXpbUPFQ&e=" style="color: purple; text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Helvetica; color: rgb(149, 79, 114); background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</span></a><o:p class=""></o:p></div></div></div></div></blockquote></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div></div></div></div></blockquote></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div></div></blockquote></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div></div></div></div></blockquote></div><br class=""></div></body></html>