ADFS Shibboleth question
Cantor, Scott
cantor.2 at osu.edu
Thu Apr 3 11:20:30 EDT 2014
On 4/3/14, 11:06 AM, "Qian, Yi" <yqian at ku.edu> wrote:
>After ADFS set up, we will have 2 IdPs, Shibboleth IdP and ADFS IdP,
>Shib IdP will use CAS authentication against sun/oracle LDAP, ADFS will
>authenticate against AD.
>
>The requirement at the university is user can authenticate against either
>of the IdP and does not require login again
You cannot meet that requirement with the above choices.
>The puzzle here is after user login against ADFS, then access Shib-CAS
>protected resources, how Shib can intercept the SAML assertion issued by
>ADFS
It can't. You're being asked for the impossible, and your diagram will
have to change or the requirements will.
-- Scott
More information about the users
mailing list