http://jasig.github.io/cas/development/installation/Configuring-SAML2-Authentication.html
Whether this works for your needs or not is something you should of course seriously evaluate prior to making the jump. There are overlays and such available for enthusiasts to try out this functionality and report feedback, and of course if/when you do and find missing pieces, we’d love to work with you and collaborate to add what might be missing.
The changes are in the master branch, which is a functional but fairly moving target at this point. If you know what you’re doing and are comfortable merging changes back and forth, you’d be fine. But just as equally, you may want to give it one or two weeks before grabbing the latest snapshot.
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/425abc37-f273-41cb-9322-741ef508c025%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Thanks for the link, that gives me a better understanding. But just to confirm (I'm being a little dense), if I have a mix of CAS-style and SAML-style services listed in the services registry, a user should generally only have to enter his or her username and password one time to access all those services, correct? (I realize we'd have to test it all, I'm just looking for a "yeah, that's the idea" or "no, not at all" sort of confirmation.)
[>] Yes that is the premise of SSO, regardless of protocol. Works the same for OAuth, OpenID, etc.
I've been holding off on trying the snapshots so far, due mostly to other things on my plate, but also because I'm waiting for 4.3.x and MFA to get a little closer, as we want that, too. I sorta kinda get the overlays and stuff, and even some coding, in that I managed to figure out how to build an MFA module for our two-factor solution (Swivel PINsafe) using CAS 3.6 and the Unicon plug-in.
[>] Is that something you could sharer with us? Is the code/config up on Github somewhere? Wondering if that’s something we could include in CAS as an MFA option, but I don’t know how popular it is. Admitted, first time I hear about them :)
But there was a lot of trial and error and Googling involved, so I'm not sure so much that I know what I'm doing, it's more like I know how to bash it all into some sort of working order. :-)
My current plan, since we can't change anything until after the semester ends anyway, is to pay very close attention in your CAS 4.x workshop and talks at Open Apereo next month and THEN dive into it.
[>] Great! Bring a laptop and lots of questions.
Thanks,
--Dave
I've been holding off on trying the snapshots so far, due mostly to other things on my plate, but also because I'm waiting for 4.3.x and MFA to get a little closer, as we want that, too. I sorta kinda get the overlays and stuff, and even some coding, in that I managed to figure out how to build an MFA module for our two-factor solution (Swivel PINsafe) using CAS 3.6 and the Unicon plug-in.
[>] Is that something you could sharer with us? Is the code/config up on Github somewhere? Wondering if that’s something we could include in CAS as an MFA option, but I don’t know how popular it is. Admitted, first time I hear about them :)
Great. Look forward to it.
Speaking for myself, my only semi-obvious requirements for considering this sort of change are that the dependencies/libraries your extension depends on must be available in some sort of central repository, preferably maven central, and that we should have access to individual test accounts under a demo/test subscription level so we can in some reasonable form maintain it. Otherwise, as awesome as it may be, we can’t quite accept it.
I’d still love to review it nonetheless.
From: cas-...@apereo.org [mailto:cas-...@apereo.org] On Behalf Of David Curry
Sent: Friday, April 22, 2016 5:11 AM
To: CAS Community <cas-...@apereo.org>
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7cb9ec09-fd81-4905-8719-09f9126e00af%40apereo.org.