CAS V5.3 with Zoom SSO???
145 views
Skip to first unread message
Keith Alston (Staff)
May 12, 2020, 5:37:03 PM5/12/20
to cas-...@apereo.org
Anyone set up Zoom SSO with CAS?? Any pointers/tips??
-Keith Alston
Regent University
David Curry
May 12, 2020, 5:45:18 PM5/12/20
to CAS Community
We're running it with CAS 5.2.x as a SAML2 service. I didn't personally set it up, but the guy who did says it was just a "regular" SAML2 setup (they're pretty routine for us these days). Release the attributes Zoom wants and tell it which attribute is what, and you're good to go.
--Dave
--
DAVID A. CURRY, CISSP
DIRECTOR • INFORMATION SECURITY & PRIVACY
THE NEW SCHOOL • INFORMATION TECHNOLOGY
71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 646 909-4728 • david...@newschool.edu
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/BL0PR10MB2995C18C69E942E80155BD7CD9BE0%40BL0PR10MB2995.namprd10.prod.outlook.com.
William E.
May 13, 2020, 9:37:28 AM5/13/20
to CAS Community, kei...@regent.edu
We did with saml too, but with the Shibboleth "half" of our CAS+Shibboleth combined service. If you are looking for guidance using CAS as saml IDP with it, sorry, can't help.
As for the integration, once you get it going, on the zoom side you can map attribute values to zoom roles. And it auto-creates user account on first sso login to zoom.
-William
Shawn Cutting
May 15, 2020, 8:08:49 AM5/15/20
to CAS Community, kei...@regent.edu
We are using pure SAML with Zoom, and it was not the easiest thingto setup, but it is working. What have you tried thus far?
Robert Bond
May 15, 2020, 10:53:43 AM5/15/20
to cas-...@apereo.org, kei...@regent.edu
Are you running into any issues?
You need to have SAML setup first.
Here is a modified copy of our service registry entry: (modify attributes as needed)
{
"id" : 12,
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"metadataLocation" : "https://regent.zoom.us/saml/metadata/sp",
"metadataExpirationDuration" : "PT60M",
"signAssertions" : true,
"skipGeneratingAssertionNameId" : false,
"skipGeneratingSubjectConfirmationInResponseTo" : false,
"skipGeneratingSubjectConfirmationNotOnOrAfter" : false,
"skipGeneratingSubjectConfirmationRecipient" : false,
"skipGeneratingSubjectConfirmationNotBefore" : true,
"signResponses" : true,
"encryptAssertions" : false,
"metadataCriteriaRoles" : "SPSSODescriptor",
"metadataCriteriaRemoveEmptyEntitiesDescriptors" : true,
"metadataCriteriaRemoveRolelessEntityDescriptors" : true,
"signingCredentialType" : "BASIC",
"serviceId" : "regent.zoom.us",
"name" : "Zoom",
"logo" : "/cas/images/services/zoom_logo.png",
"description" : "Zoom",
"evaluationOrder" : 12,
"usernameAttributeProvider" : {
"@class" : "org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider",
"usernameAttribute" : "mail",
"canonicalizationMode" : "NONE",
"encryptUsername" : false
},
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"allowedAttributes" : [ "java.util.ArrayList", [ "givenName", "mail", "surname", "memberOf" ] ]
},
"logoutType" : "BACK_CHANNEL",
"logoutUrl" : "https://regent.zoom.us/saml/SingleLogout",
"accessStrategy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled" : true
}
}
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/128fffa9-c0da-40b9-9873-acb5698b22f6%40apereo.org.
Robert Bond
May 22, 2020, 9:20:28 AM5/22/20
to Keith Alston (Staff), cas-...@apereo.org
No problem.
Glad to hear it is working.
A lot of those parameters are default
Thanks!
On Fri, May 22, 2020 at 8:17 AM Keith Alston (Staff) <kei...@regent.edu> wrote:
WOW! Thanks for sharing your registry entry.
I did get this working and it actually was pretty straightforward. My registry entry was way smaller but I’m going to research those parameters now!
Thanks!
Keith Alston (Staff)
May 23, 2020, 2:54:04 AM5/23/20
to Robert Bond, cas-...@apereo.org
WOW! Thanks for sharing your registry entry.
I did get this working and it actually was pretty straightforward. My registry entry was way smaller but I’m going to research those parameters now!
Thanks!
From: Robert Bond [mailto:bo...@nsuok.edu]
Sent: Friday, May 15, 2020 10:53 AM
To: cas-...@apereo.org
Cc: Keith Alston (Staff) <kei...@regent.edu>
Subject: Re: [cas-user] Re: CAS V5.3 with Zoom SSO???
Are you running into any issues?
Reply all
Reply to author
Forward
0 new messages