Hi Farzan, Shibboleth can be complex, yes, with much to learn about it and many opportunities to configure.
The CAS-Shibboleth bridging piece isn't too bad. Here's my favorite solution: https://github.com/Unicon/shib-cas-authenticator I thought this presentation was pretty good: https://wiki.jasig.org/x/AxMoAw Hope that helps, Andrew On Wed, Jan 9, 2013 at 2:13 PM, Farzan Qureshi <[email protected]>wrote: > Hi Andrew, > > Do you know any source of good documentation on bridging CAS and > Shiboleth? Shibboleth is very complex to configurebut as it is now a > requirement at my organization thus i am studying how it works. > > Please guide me how to start. We have a working cas install and several > applications are casified and running successfully. > > Thanks for your help. > > Farzan > > > On Thursday, 10 January 2013, Andrew Petro <[email protected]> wrote: > > Hi Farzan, > > If you want to do SAML integrations complete with IdP metadata and so > forth, I recommend bridging to the Shibboleth IdP to handle SAML heavy > lifting. > > Shibboleth IdP is CASifiable such that users log in via CAS. End user > experience is still CAS login. Vendor / integrator experience is > full-featured SAML2 with metadata and federation support and all the > excruciatingly rigorous standards you can stand. :) The combination has > worked out pretty well at numerous adopters. > > Kind regards, > > Andrew > > > > > > On Tue, Jan 8, 2013 at 4:18 PM, Farzan Qureshi < > [email protected]> wrote: > >> > >> Hi, > >> > >> We are running an application. The vendor of the application is asking > us to send an idp metadata file so that they can generate saml response and > enable SSO functionality in the app. May I know how I should go about this? > We have casified several applications but haven't gone through this step > thus not sure what they are asking for or how do I provide the requested > metadata file. Does anyone of you have ideas? > >> > >> Kind regards, > >> > >> Farzan > >> > >> This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they are > addressed. If you have received this email in error please notify the > system manager ([email protected]). Please note that any views or > opinions presented in this email are solely those of the author and do not > necessarily represent those of the company. Finally, the recipient should > check this email and any attachments for the presence of viruses. Rosmini > College accepts no liability for any damage caused by any virus transmitted > by this email. > >> > >> -- > >> You are currently subscribed to [email protected] as: > [email protected] > >> To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > *Farzan Qureshi* | Network Administrator & Help-desk Support | Rosmini > College | (09) 487 0 530 > > > This email and any files transmitted with it are confidential and intended > solely for the use of the individual or entity to whom they are addressed. > If you have received this email in error please notify the system manager ( > [email protected]). Please note that any views or opinions > presented in this email are solely those of the author and do not > necessarily represent those of the company. Finally, the recipient should > check this email and any attachments for the presence of viruses. Rosmini > College accepts no liability for any damage caused by any virus > transmitted by this email. > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
