2013/10/22 Kevin P. Foote <[email protected]> > > On Tue, 22 Oct 2013, Maxime BOSSARD wrote: > > In fact we developped a plugin for CAS to integrate a SAML SP in it to be >> able to plug it in a SAML federation. >> The plugin allow the CAS server to be seen like a simple SP and grant >> access to all services protected by the CAS server. >> We implemented it with OpenSaml 2. >> The plugin is able to deal with SAML 2.0 Authn and SLO protocols with >> Redirect and POST binding. >> We are able to retrieve SAML attributes in AuthnResponses to propagate the >> authentication on the CAS server. >> >> The plugin is available here >> https://github.com/GIP-RECIA/**cas/tree/feature-saml2/cas-** >> server-support-saml2<https://github.com/GIP-RECIA/cas/tree/feature-saml2/cas-server-support-saml2> >> with >> few documentations. >> > > Interesting.. > > On step 3 is the "local" CAS-Server then just a choice on the WAYF service > page / option list? And follow up to that, the user is always > presented with the WAYF page.. correct? > > The WAYF page is a jsp presented first before login page in CAS login webflow. The CAS login is always presented as an option in the WAYF like another IdP. The user can choose to authenticate "localy" on the CAS or "remotely" on another IdP.
> I like the fact that there is always more than one way to get something > done with these products .. :-) We simply let the Shib-SP do the SAML > thing.. > > > ------ > thanks > kevin.foote > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/**display/JSG/cas-user<http://www.ja-sig.org/wiki/display/JSG/cas-user> > -- Regards, Maxime BOSSARD. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
