> 1) user requests access to a casified resource (that is ready to > accept attributes and possibly scoped ids) > 2) user is redirected to CASShib for authN (/casshib/shib/myservice/login) > 4) user is authenticated to CASShib via external Shib IdP > 5) CASShib redirects user back to the resource with a ST and > ultimately provides the scoped Id and user attributes via CAS/SAML1.1 > validate > > Make sense?
It does, thanks, and it sounds like the kind of scenario that Klas meant. Thanks for spelling it out for me. Pax, M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
