In a user store, each user has different attributes such as uid, cn, email and so on. Some of these attributes can be unique. For example, uid and mail are normally unique attributes for a user.

Once you connect your LDAP with an application, the application can use one of the unique attributes in LDAP to authenticate the user (as the user name of the user in that application). In our example, this can be the uid or the mail attribute. In some cases, the application can use both attributes, so end users can be authenticated in the application using either their uid or their mail.

WSO2 Identity Server can be deployed with any LDAP-based server and can expose authentication via a Web Service API, SAML, OAuth, OpenID, etc. By default, Identity Server is configured to authenticate with only one user attribute in the LDAP. This topic provides instructions on how Identity Server can be extended to authenticate users using more than one attribute.

For the purposes of this example, we assume that users need to be authenticated using both their uid and mail attributes in the LDAP.
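The lookup described above, as an added example that is not part of the original page or WSO2's own code: it builds one LDAP search filter that matches the login against both uid and mail, escapes the user-supplied value per RFC 4515, and refuses a login that matches more than one entry. The `objectClass=person` clause, the function names and the sample entries are assumptions, and the matching is simulated in memory rather than run against a directory.

```python
# Added illustration; names and sample entries are constructed, not WSO2 code.
LOGIN_ATTRS = ("uid", "mail")  # attributes accepted as the login identifier

# RFC 4515 requires these characters to be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value):
    """Escape user input so it cannot change the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_login_filter(login, attrs=LOGIN_ATTRS):
    """Return an OR filter matching the login against every login attribute."""
    safe = escape_filter_value(login)
    clauses = "".join("({}={})".format(a, safe) for a in attrs)
    # objectClass=person is an assumed base filter for user entries.
    return "(&(objectClass=person)(|{}))".format(clauses)


def resolve_login(login, entries, attrs=LOGIN_ATTRS):
    """Map a login to exactly one DN, or None if absent or ambiguous."""
    wanted = login.lower()  # uid and mail use case-insensitive matching
    matches = [e["dn"] for e in entries
               if any(e.get(a, "").lower() == wanted for a in attrs)]
    # A value shared across attributes of two entries must not authenticate.
    return matches[0] if len(matches) == 1 else None


# Constructed sample directory.
SAMPLE_ENTRIES = [
    {"dn": "uid=alice,ou=Users,dc=example,dc=org",
     "uid": "alice", "mail": "alice@example.org"},
    {"dn": "uid=bob,ou=Users,dc=example,dc=org",
     "uid": "bob", "mail": "bob@example.org"},
    # This uid collides with bob's mail, so that login becomes ambiguous.
    {"dn": "uid=bob@example.org,ou=Users,dc=example,dc=org",
     "uid": "bob@example.org", "mail": "b2@example.org"},
]

if __name__ == "__main__":
    print(build_login_filter("alice"))
    print(resolve_login("alice@example.org", SAMPLE_ENTRIES))
```

Uniqueness of uid and of mail individually is not enough once both are login identifiers: a value must also be unique across the two attributes, which is why the ambiguous case returns no match.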

...