Thanks for the link, that gives me a better understanding. But just to confirm (I'm being a little dense), if I have a mix of CAS-style and SAML-style services listed in the services registry, a user should generally only have to enter his or her username and password one time to access all those services, correct? (I realize we'd have to test it all, I'm just looking for a "yeah, that's the idea" or "no, not at all" sort of confirmation.)
[>] Yes that is the premise of SSO, regardless of protocol. Works the same for OAuth, OpenID, etc. I've been holding off on trying the snapshots so far, due mostly to other things on my plate, but also because I'm waiting for 4.3.x and MFA to get a little closer, as we want that, too. I sorta kinda get the overlays and stuff, and even some coding, in that I managed to figure out how to build an MFA module for our two-factor solution (Swivel PINsafe) using CAS 3.6 and the Unicon plug-in. [>] Is that something you could sharer with us? Is the code/config up on Github somewhere? Wondering if that’s something we could include in CAS as an MFA option, but I don’t know how popular it is. Admitted, first time I hear about them :) But there was a lot of trial and error and Googling involved, so I'm not sure so much that I know what I'm doing, it's more like I know how to bash it all into some sort of working order. :-) My current plan, since we can't change anything until after the semester ends anyway, is to pay very close attention in your CAS 4.x workshop and talks at Open Apereo next month and THEN dive into it. [>] Great! Bring a laptop and lots of questions. Thanks, --Dave -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/00dc01d19c27%2478b76ec0%246a264c40%24%40unicon.net. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
