ADFS Shibboleth question
cantor.2 at osu.edu
Thu Apr 3 11:20:30 EDT 2014
On 4/3/14, 11:06 AM, "Qian, Yi" <yqian at ku.edu> wrote:
>After ADFS set up, we will have 2 IdPs, Shibboleth IdP and ADFS IdP,
>Shib IdP will use CAS authentication against sun/oracle LDAP, ADFS will
>authenticate against AD.
>The requirement at the university is user can authenticate against either
>of the IdP and does not require login again
You cannot meet that requirement with the above choices.
>The puzzle here is after user login against ADFS, then access Shib-CAS
>protected resources, how Shib can intercept the SAML assertion issued by
It can't. You're being asked for the impossible, and your diagram will
have to change or the requirements will.
More information about the users