> our current institution uses CAS / LDAP to authenticate our users; however, > the vendor only lists instructions for SAML (which requires a Public Key > Certificate).
Does the vendor support a particular SAML version? SAML 1.1 and SAML 2 are significantly different, with the latter a huge design-by-committee failure IMO. > Is there a way to integrate the two together, in such a manner that we can > simply point our vendors software to a CAS URL and have it support the > required SAML messages? Your mention of PKI is concerning. Currently CAS has no support for XML digital signatures or message encryption, which would be two possible use cases for a certificate. Can you provide a link to the vendor instructions so we can investigate further? > Would we need to setup a SAML aware system and on some sub-layer connect CAS > and SAML so we can continue on with our SSO environment? I wonder if CAS-Shibboleth-VendorProduct integration is the way to go. Many folks, including us at Virginia Tech, have had success integrating CAS and Shib, and I can say from experience that Shib support for SAML is second to none. See http://www.ja-sig.org/wiki/display/CASUM/Shibboleth-CAS+Integration for more info. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
