Oh, and yes, this is our current functioning configuration in production with CAS5. Works like a charm.
On Wednesday, June 10, 2020 at 9:02:25 AM UTC-5, Toby Archer wrote: > > Thank you for your help. Yes, a little more detail. ADFS will be doing the > authenticating, so if I've got my abbreviations straight, yes it will be > SP. You hit CAS, it redirects you to ADFS where you login, and ADFS sends > you back to CAS which sends you back to the service requesting a login. > Through this whole process, the user never sees CAS. CAS adds no > information to the ADFS responses, so it can be thought of as strictly a > relying party which acts as a translator/adapter for services that can't > connect directly to ADFS. > > On Monday, June 8, 2020 at 2:10:10 PM UTC-5, Robert Bond wrote: >> >> >> Hi Tobey, >> >> Can you explain the scenario a little more? >> >> What Role is the ADFS server playing? SP? >> >> What role is the cas server fulfilling? IDP? >> >> Do you have this working on CAS 5? >> >> Thanks! >> >> >> On Thursday, June 4, 2020 at 11:40:47 AM UTC-5, Toby Archer wrote: >>> >>> We are looking to upgrade from CAS 5 to CAS 6. I have a fresh setup so >>> I've just got the default json services and ADFS.. This >>> <https://apereo.github.io/cas/6.0.x/integration/ADFS-Integration.html> >>> guide >>> suggests I need this line: >>> >>> compile >>>> "org.apereo.cas:cas-server-support-wsfederation-webflow:${project.'cas.version'}" >>> >>> >>> In my build.gradle file. Presumably in the area right below: >>> >>> dependencies { >>>> // Other CAS dependencies/modules may be listed here... >>>> // implementation >>>> "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}" >>>> compile >>>> "org.apereo.cas:cas-server-support-wsfederation-webflow:${project.'cas.version'}" >>> >>> >>> And then I copied over the attributes from our test box, which appears >>> to be the same in 5.x as it is in 6.x: >>> <https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties.html> >>> >>> cas.authn.wsfed[0].identityProviderUrl=https://adfs.usd.edu/adfs/ls/ >>>> cas.authn.wsfed[0].identityProviderIdentifier= >>>> http://adfs.usd.edu/adfs/services/trust >>>> cas.authn.wsfed[0].relyingPartyIdentifier=urn:cas:test-sso.usd.edu >>>> cas.authn.wsfed[0].attributesType=WSFED >>>> cas.authn.wsfed[0].autoRedirect=true >>>> >>>> cas.authn.wsfed[0].signingCertificateResources=file:/etc/cas/adfs_signing2019.cer >>> >>> >>> But nothing happens. No redirect, no mention of ADFS in the logs. Was >>> there something else I had to do? >>> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e80feb56-1d2a-42f7-a13b-753cd20bd745o%40apereo.org.
