ADFS Shibboleth question

Qian, Yi yqian at
Thu Apr 3 11:06:08 EDT 2014

After ADFS set up, we will have 2 IdPs, Shibboleth IdP and ADFS IdP,
Shib IdP will use CAS authentication against sun/oracle LDAP, ADFS will
authenticate against AD.

The requirement at the university is user can authenticate against either
of the IdP and does not require login again

The puzzle here is after user login against ADFS, then access Shib-CAS
protected resources, how Shib can intercept the SAML assertion issued by

On 4/3/14 9:58 AM, "David Gersic" <dgersic at> wrote:

>>>> On 4/3/2014 at 09:51 AM, "Cantor, Scott" <cantor.2 at> wrote:
>> On 4/3/14, 10:48 AM, "David Gersic" <dgersic at> wrote:
>>>I thought I recently read that Microsoft was supporting SAML /
>>>for O365. Maybe you can just do this and be done with it, without
>>>ADFS at all?
>> Yes, seemingly, but from the other response, it sounds like rational
>> technically-based decision making isn't the modus operandi the OP is
>> dealing with.
>Yeah, I see that. Ugh.
>To unsubscribe from this list send an email to
>users-unsubscribe at

More information about the users mailing list