Ahh.. OK. Yea you left out the ADFS bits.. :-) My main point was if you/Laura were thinking Shib would be yet another point for end users to 'login to', that would be incorrect. Shib and CAS work nicely together to avoid just such a scenario.
------ thanks kevin.foote On Thu, 6 Dec 2012, Gasper, John wrote: -> Hey Kevin, -> -> I guess the point is we are an ADFS school, not Shib, and have been for several years. I probably also assumed that Laura was trying to use ADFS as that is what MS tends to push. -> -> My goal was to connect the two different SSO services (CAS and ADFS) and still retain the ability to federate (I originally modified ADFS to use CAS auth with the ClearPass extension). Someday, I should do more investigation with Shib, but it hasn't been a priority as of late. -> -> Besides writing the WS-Federation auth handler/plugin was a fun challenge. :) (Although Jérôme did the heavy lifting with the OAUTH connector.) It can be found here: https://github.com/jtgasper3/cas/tree/3.5.x/cas-server-support-wsfederation -> -> John -> -> -----Original Message----- -> From: Kevin P. Foote [mailto:[email protected]] -> Sent: Thursday, December 06, 2012 10:20 AM -> To: [email protected] -> Subject: RE: [cas-user] Cas and o365 Email -> -> On Wed, 5 Dec 2012, Gasper, John wrote: -> -> -> EWU is just about to go live with O365, so we had a similar need, but because we didn't want to have 2 un-connected single sign-on solutions we took a different approach. -> -> John, you are thinking about this wrong. As Jason mentioned before, user never knows the Shib portion is involved. Your SSO session would still be governed and provided fully by your CAS instance. You would not be adding an "un-connected sign-on solution". Rather, you would be extending the functionality of your current SSO solution to include the full SAML stack and yes the ECP portion which you would be after with o365. -> -> Just something to think about. -> -> ------ -> thanks -> kevin.foote -> -> -> -- -> You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -> -> -> -- -> You are currently subscribed to [email protected] as: [email protected] -> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -> -> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
