LDAP and SAML potential conflicts | Community
AlleOTC
Level 2
April 24, 2024

Good morning,
we manage an AEM site for our customer.
We already have LDAP configured for authentication on author. We also have configured the Sync Handler.
Our customer asked us to implement SSO with SAML.
To configure SAML we checked these resources:
discussion https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/set-up-aem-sso-authentication/td-p/369707
AEM documentation https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/saml-2-0-authenticationhandler

Our customer told us to keep LDAP configuration, they want to have both options to log into author. Our question is: can LDAP and SAML configurations conflict, or can we implement both?

EstebanBustamante
Community Advisor and Adobe Champion
April 26, 2024

Hi,

Technically, you could work with both. I haven't tried it myself, but I think one thing you should consider is the duplication of users. What I would explore is the option to sync between SAML and LDAP first. I hope you can share your findings here.

Hope this helps.

Esteban Bustamante
April 29, 2024

Hi Esteban,

thanks for your reply.
Since sync with LDAP is already working, we think we would not flag user creation in SAML configuration to avoid problems.

Anyway, I will write more about this subject as soon as we implement Single Sign On with SAML.

Regards.

AlleOTC
AlleOTC (Author)
Level 2
December 12, 2024

Hi Esteban,

I'm sorry but the project has been delayed, so I come back to this subject after a lot of time.
Anyway, I confirm that we decided to keep user creation / synchronization with LDAP.

So we implemented SAML SSO login successfully with no problems.
I can add that if we want to use the AEM built-in login form we just have to point to http://localhost:4502/libs/granite/core/content/login.html

Bye.