It should be possible to configure multiple security realms at once with a specified order or preference.
Examples of usage:
failover between multiple ldap instances
failover from ldap to basic auth
Must be able to select more than one authentication realm and choose the attempted order (falling down the list each time a realm says the user is “anonymous”).
Our users do not use passwords to sign in, only browser certificates, SAML, or OpenID. SSO methods like SAML, OpenID, and Google+ sign-in may require the ability for multiple realms to “decorate” the sign-in page with their buttons, which may not be possible yet.
It seems like other users would like support for testing a submitted user/password combination against a succession of realms (like Active Directory and then LDAP), so we'll request that, too.