SAML Public Key for Metadata


John D Giotta

May 10, 2018, 2:05:11 PM
to CAS Community
For an IdP metadata file, what should the KeyDescriptor be? Is it the public key of the web server?

David Curry

May 10, 2018, 3:02:28 PM
to cas-...@apereo.org
Assuming you mean for CAS to be your IdP...

When you start CAS for the first time with the SAML IdP enabled, it will generate keys and store them in /etc/cas/saml for you. You need to copy them from there back to a safe location so that they get re-deployed whenever you update the server.


--Dave


--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728
david...@newschool.edu

The New School


--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a66f9075-e1ba-4181-9f29-d3f4c185b654%40apereo.org.
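
Added example, not part of the thread and not CAS's own code: in SAML metadata each `KeyDescriptor` under the IdP role carries a certificate in `ds:X509Certificate`, so one way to check a metadata file against the key material CAS generated under /etc/cas/saml is to fingerprint both and compare. The function names, the sample metadata, the placeholder certificate bytes and the PEM encoding of the certificate file are assumptions made for the example.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def der_fingerprint(b64_text):
    """SHA-256 hex digest of base64-encoded DER, ignoring whitespace."""
    return hashlib.sha256(base64.b64decode("".join(b64_text.split()))).hexdigest()

def pem_fingerprint(pem_text):
    """Fingerprint the first CERTIFICATE block in the text of a PEM file."""
    body = pem_text.split("-----BEGIN CERTIFICATE-----", 1)[1]
    return der_fingerprint(body.split("-----END CERTIFICATE-----", 1)[0])

def key_descriptors(metadata_xml):
    """Return [(use, fingerprint)] per IdP KeyDescriptor; no 'use' means both."""
    # Parse only metadata you trust; the stdlib parser is not hardened for hostile XML.
    root = ET.fromstring(metadata_xml)
    return [(kd.get("use", "signing+encryption"), der_fingerprint(c.text or ""))
            for kd in root.iterfind(".//md:IDPSSODescriptor/md:KeyDescriptor", NS)
            for c in kd.iterfind(".//ds:X509Certificate", NS)]

def metadata_has_cert(metadata_xml, pem_text, use):
    """True if the PEM certificate is published under the given use."""
    want = pem_fingerprint(pem_text)
    return any(u in (use, "signing+encryption") and fp == want
               for u, fp in key_descriptors(metadata_xml))

# Constructed sample input: placeholder bytes stand in for real DER certificates.
SIGN_B64 = base64.b64encode(b"constructed signing certificate").decode()
ENC_B64 = base64.b64encode(b"constructed encryption certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.org/idp">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SIGN_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{ENC_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SIGN_B64}\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    for use, fingerprint in key_descriptors(SAMPLE_METADATA):
        print(use, fingerprint)
```

A web server's TLS certificate run through `pem_fingerprint` will only match if that same certificate was deliberately reused for the IdP, which makes the comparison a quick way to see which certificate the metadata actually publishes.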

Alin Tomoiaga

May 10, 2018, 5:15:00 PM
to CAS Community
David, thank you for the great information you have on New School. Do you by any chance have a similar tutorial on setting up CAS as an ADFS idp as described here: https://apereo.github.io/cas/5.2.x/protocol/WS-Federation-Protocol.html ? (sorry for posting on this thread)

David Curry

May 10, 2018, 5:33:39 PM
to cas-...@apereo.org
Sorry, I don't. We don't use ADFS, so have no need for it.


David A. Curry,  CISSP
Director of Information Security
The New School - Information Technology
71 Fifth Ave., 9th Fl. ~ New York, NY 10003
+1 212 229-5300 x4728
david...@newschool.edu
Sent from my phone; please excuse typos and inane auto-corrections.
   
