I am new to Silhouette and I am looking for some guidance. I worked in the past with weblogic. In one of the previous jobs we used a security model where the users where authenticated against MS Active Directory and the application roles were actually mapped to Windows groups.
My questions are:
Can Silhouette be used to authenticate users against an LDAP repository such as MS Active directory? If yes, could you please point me to a sample or article?
Before I posted here I did some research and I found a message that suggested to interface with CAS. That sent me on the path of reading the CAS documentation, but configuring & running CAS is another rabbit hole that I am reluctant to plunge into, though it might be a smart thing to do. I am not sure. I would be curious to find whether other people use silhouette together with CAS.
Other posts suggest to use spring ldap and implement the authentication part by hand.
Does Silhouette support role based authorization? From the Silhouette docs I have the impression that Silhouette targets more the authentication side of things. There is another product that deals with authorization called deadbolt2. A quick check of their github site reveals that they are one version behind relative to the playframework support and also based on my research it doesn’t seem to play nice with silhouette.