CAS IdP integration with service provider that does not provide metadata
37 views
Skip to first unread message
Mihai Petracovici
Apr 19, 2018, 12:25:23 PM4/19/18
to CAS Community
Hello,
We are looking at SAML2 integration with a certain service provider that does not appear to provide metadata. Their preliminary instructions give two URLs one they call the Reply URL and the other the Sign On URL which after a quick Google search look to be parameters for ADFS/Azure SSO setup (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps). Is CAS able to configure a SAML service with only those parameters? As far as I know, we need a SP metadata file or link for the SAML service definition to work; are we out of luck if they can't or won't provide one?
Any ideas would be welcome.
Thanks,
Mihai Petracovici
We are looking at SAML2 integration with a certain service provider that does not appear to provide metadata. Their preliminary instructions give two URLs one they call the Reply URL and the other the Sign On URL which after a quick Google search look to be parameters for ADFS/Azure SSO setup (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps). Is CAS able to configure a SAML service with only those parameters? As far as I know, we need a SP metadata file or link for the SAML service definition to work; are we out of luck if they can't or won't provide one?
Any ideas would be welcome.
Thanks,
Mihai Petracovici
David Curry
Apr 19, 2018, 12:41:02 PM4/19/18
to cas-...@apereo.org
Would this little tool help? It's what we used to create the metadata for a couple of the services we have that don't provide metadata.
(This is the same service that the CAS documentation points to.)
--Dave
--
DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY
71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david...@newschool.edu
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d99e25dd-85b8-49bf-a41e-cba892c95a28%40apereo.org.
Mihai Petracovici
Apr 19, 2018, 12:52:37 PM4/19/18
to cas-...@apereo.org
Hello Dave,
Thanks for that link. We were floating the idea around of creating the SP metadata ourselves and that tool would make the process trivial. I guess providing metadata files is not as widespread as I thought.
Thanks,
You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group.
To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/HQS0zecrZKI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOiDqnnDCiDxiJmP%3DB%2BS4792Np41rSdHgnNT2SrWm0Tjg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages