I have configured jive application to authenticate using ldap. After the set up the users were getting properly synchronized. E.g if the user doesn't exist in jive but does exist in ldap, the jive application automatically logs in and creates an account in the jive using ldap values.
So far everything looks fine.
Then I have setup the sso for jive following the guidelines given in the below url
Basically for sso to work we need to inject our authentication filter using spring. Following is the filter chain proxy definitions used in the sso plugin
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
/upgrade/**=httpSessionContextIntegrationFilter, upgradeAuthenticationFilter, upgradeExceptionTranslationFilter, jiveAuthenticationTranslationFilter
/post-upgrade/**=httpSessionContextIntegrationFilter, postUpgradeAuthenticationFilter, postUpgradeExceptionTranslationFilter,jiveAuthenticationTranslationFilter
/admin/**=httpSessionContextIntegrationFilter, adminAuthenticationFilter, adminExceptionTranslationFilter,jiveAuthenticationTranslationFilter
/rpc/xmlrpc=wsRequireSSLFilter, httpSessionContextIntegrationFilter, federatedIdentityAuthFilter, wsExceptionTranslator, jiveAuthenticationTranslationFilter, wsAccessTypeCheckFilter
/rpc/rest/**=wsRequireSSLFilter, httpSessionContextIntegrationFilter, federatedIdentityAuthFilter, wsExceptionTranslator, jiveAuthenticationTranslationFilter, wsAccessTypeCheckFilter
/rpc/soap/**=wsRequireSSLFilter, httpSessionContextIntegrationFilter, federatedIdentityAuthFilter, jiveAuthenticationTranslationFilter
/**=httpSessionContextIntegrationFilter, federatedIdentityAuthFilter, jiveAuthenticationTranslationFilter
After doing this the ldap synchronization is not happening. Exusting users of jive are authenticated but the users that exist in ldap but not in jive are not getting authenticated. I am getting redirected to login page. I hoped that atleast if I provide the credentials for the second time in this login page, ldap synchronization would work. Unfortunately the login page is no more working due to the sso plugin. The plugin is overriding the authentication mechanism and the login page is always failing even with proper credentials.
Is there a way I could have sso plugin working for all urls except the log page url (<form action="cs_login">) ? Or is there a better way to do synchronization of ldap users with jive system with sso in place?