[ 
https://issues.apache.org/jira/browse/SYNCOPE-1558?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17095519#comment-17095519
 ] 

Misagh Moayyed commented on SYNCOPE-1558:
-----------------------------------------

PR finalized and ready. 4.0.1 SNAPSHOT of pac4j should contain the change, and 
the change is pushed into the next snapshot release of CAS.

Next, will fine-tune the WA configuration with the next CAS snapshot to take 
advantage of the latest pac4j changes for SAML IDP config.

> Configure WA delegated authn module to SAML IdPs via REST
> ---------------------------------------------------------
>
>                 Key: SYNCOPE-1558
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1558
>             Project: Syncope
>          Issue Type: Sub-task
>          Components: wa
>    Affects Versions: 3.0.0
>            Reporter: Misagh Moayyed
>            Assignee: Misagh Moayyed
>            Priority: Major
>             Fix For: 3.0.0
>
>
> When WA is configured to hand off authentication to an external SAML2 
> identity provider via pac4j, pac4j expects a Java keystore to be 
> created/present on disk that will be used by WA as a SAML SP to interact with 
> the IDP and to generate metadata, sign responses, etc. This keystore is 
> expected to be found on disk, and pac4j does not allow other options for 
> producing/fetching the keystore via REST.
> Also, a number of other artifacts such as generation of SP metadata, etc. 
> should be configurable over REST.
>  
> Task is:
>  * Allow pac4j to open up its API/configuration to allow for keystore 
> fetching over REST
>  * Modify WA to use this configuration and produce keystore data over REST.
>  
> Note that a similar and separate task may be created to handle the same 
> matter with delegated authn to OIDC OPs. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
