Hello, We ended up doing something like this with shibboleth. Each organization would log into their own Shibboleth server, which was authenticated with CAS (against their local LDAP).
There’s a bit of a description of how that would work here: https://www.switch.ch/aai/demo/medium/ Basically, when the user went to our service, they were redirected to login at our Shibboleth server. They could select their organization, and would be redirect to their org’s Shibboleth server. This would redirect them to their CAS server, where they login. This would send them back to Shibboleth (which verifies the CAS ticket), then sends them off with a ticket to our server, which verifies it. Kate Gray From: Jacques Emmanuel Babarit <jacques-emmanuel.baba...@rca.fr> Reply-To: <cas-user@lists.jasig.org> Date: Friday, October 23, 2015 at 6:02 AM To: <cas-user@lists.jasig.org> Subject: [cas-user] Authorize users from another organisation Hi all, i need to autorize users authenticated in another system organisation. And i don"t know how to do it, and if it's possible. Here is the situation : My organisation have a cas server. Good. Another organisation want's to use services from my organisation. Users from the other organisation have to log-in only once, in the other organisation system. Users logged in the other organisation have a dedicated link on their web site to access my system. How can i perfom sso in this case ? I hope i was clear enough, Thanks for any response J-Emmanuel Babarit -- You are currently subscribed to cas-user@lists.jasig.org as: katebe...@me.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
