ADFS Shibboleth question

Qian, Yi yqian at
Thu Apr 3 11:54:39 EDT 2014

The people who love ADFS at the university must be very disappointed,
Thanks Scott for the help

On 4/3/14 10:20 AM, "Cantor, Scott" <cantor.2 at> wrote:

>On 4/3/14, 11:06 AM, "Qian, Yi" <yqian at> wrote:
>>After ADFS set up, we will have 2 IdPs, Shibboleth IdP and ADFS IdP,
>>Shib IdP will use CAS authentication against sun/oracle LDAP, ADFS will
>>authenticate against AD.
>>The requirement at the university is user can authenticate against either
>>of the IdP and does not require login again
>You cannot meet that requirement with the above choices.
>>The puzzle here is after user login against ADFS, then access Shib-CAS
>>protected resources, how Shib can intercept the SAML assertion issued by
>It can't. You're being asked for the impossible, and your diagram will
>have to change or the requirements will.
>-- Scott
>To unsubscribe from this list send an email to
>users-unsubscribe at

More information about the users mailing list