As I understand it, I can use /samlValidate so CAS mimics a SAML 1.1 Identity Provider to provide integration with SAML Service Providers.

In my organization, we use a SAML Identity Provider for providing SSO with external companies. For example, we integrate with Office 365 via SAML, where Office 365 is the Service Provider and our internal Identity Provider is the Identity Provider.

We now have a requirement to integrate with a company that is using CAS. Is there any way to establish trust between CAS and a SAML Identity Provider such that a user signed into our Identity Provider can then switch over to this external application without logging in again?

I'm thinking as a worst case we may be able to create a SAML Service Provider application that then uses the CAS RESTful API to log the user in with generated usernames/passwords (since we already have established trust against our Identity Provider). Of course, the downside to this is that the external company would have to install this application on their end and we would have to maintain it through the versions.

Do we have any other options? Am I overthinking things?

Thank you!
