No, there isn't You configure it as a SAML 2 provider. This means you have to craft the metadata by hand. Also, it is beyond deprecated as it will kill your other SAML integrations. So it's best to just do a pure SAML setup with it. Here's the draft set of instructions I put together. I need to get these publish on the public Internet somewhere, as I suspect they would be useful to others:
G Suite now offers test domains for testing things. This can be used to validate SSO settings and changes. So first you may want to change to "Use a domain specific issuer" to differentiate between your normal instance and the test one. That will result in a issuer looking like this: google.com/a/gsuitetest.ndsu.edu<http://google.com/a/gsuitetest.ndsu.edu> instead of google.com The Sign-in page URL is this off of your IdP cas/idp/profile/SAML2/Redirect/SSO The certificate provided needs to be your SAML 2 signing certificate. >From here you will need to generate metadata to give CAS. You can use this >service to generate the metadata: https://www.samltool.com/sp_metadata.php Values: Entity ID: The issuer, which in my case is google.com/a/gsuitetest.ndsu.edu<http://google.com/a/gsuitetest.ndsu.edu> ACS Endpoint: This can be got by doing a test auth from G Suite and using SAML Tracer, but looks like this for my test domain: https://www.google.com/a/gsuitetest.ndsu.edu/acs Nameid Format: Leave at 1.1 unspecified You don't need a cert. You need to upload your SAML certificate to Google so that it can verify the response. You will need to edit the generated metadata to remove the "validUntil" attribute, as it is set to expire very quickly. On Mon, 2020-08-03 at 10:50 -0700, Jeremiah Garmatter wrote: Hello, I've recently upgraded my CAS server from 5.3.14 to 6.2.1 and had a question about Google Apps integration. On the older system, there was a gradle dependency for google apps SAML: implementation "org.apereo.cas:cas-server-support-saml-googleapps:${project.'cas.version'}" I get a deprecation warning when using this: CAS integration with Google Apps is now deprecated and scheduled to be removed in the future. The functionality is now redundant and unnecessary with CAS able to provide SAML2 identity provider features.To handle the integration, you should configure CAS to act as a SAML2 identity provider and remove this integration from your deployment to protected against future removals and surprises.> I've changed to use the SAML 2 dependency: implementation "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}" but I'm not sure what to do about Google's properties. There were properties defined for public and private keys within cas.properties: cas.google-apps.private-key-location= cas.google-apps.public-key-location= cas.google-apps.key-algorithm=RSA Are there equivalent properties for SAML2? -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/34702d6409490cc7f8fef38c145852f39cf4b64a.camel%40ndsu.edu.
