How does CAS 4.1.X behave like SAML IdP?

[Yan Zhou]

Hi there, 

I am a little confused on SAML support on CAS 4.1.x.  It maybe my understanding of SAML is very beginning, too.

I have viewed CAS as an Enterprise SSO solution, rather than a Federated SSO solution (across enterprises). But, I hear different things about SAML support in CAS. 

CAS 4.1.x doc says:  The CAS server implements the CAS protocol on server side and may even behave like .... SAML IdP.    How does CAS 4.1.X behave like  SAML IdP?  

The doc says that CAS supports the standardized SAML 1.1 protocol primarily to:  1)Support a method of attribute release  2) Single Logout.  It seems suggesting that it does _not_ act like SAML IdP?

The doc. also says that CAS can serve as the authentication provider for Shibboleth.   If CAS 4.1.X can behave like SAML IdP, why would it need Shibboleth?

Thanks,

[Dmitriy Kopylenko]

Short answer: CAS < v5 cannot act like a standalone SAML IDP. CAS 5 can -> https://apereo.github.io/cas/development/installation/Configuring-SAML2-Authentication.html

Cheers,

D.

--
CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3fbcd45d-6f03-4b57-a108-6045a3004132%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.