ADFS Shibboleth question
Qian, Yi
yqian at ku.edu
Thu Apr 3 11:54:39 EDT 2014
The people who love ADFS at the university must be very disappointed,
Thanks Scott for the help
On 4/3/14 10:20 AM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:
>On 4/3/14, 11:06 AM, "Qian, Yi" <yqian at ku.edu> wrote:
>
>>After ADFS set up, we will have 2 IdPs, Shibboleth IdP and ADFS IdP,
>>Shib IdP will use CAS authentication against sun/oracle LDAP, ADFS will
>>authenticate against AD.
>>
>>The requirement at the university is user can authenticate against either
>>of the IdP and does not require login again
>
>You cannot meet that requirement with the above choices.
>
>>The puzzle here is after user login against ADFS, then access Shib-CAS
>>protected resources, how Shib can intercept the SAML assertion issued by
>>ADFS
>
>It can't. You're being asked for the impossible, and your diagram will
>have to change or the requirements will.
>
>-- Scott
>
>
>--
>To unsubscribe from this list send an email to
>users-unsubscribe at shibboleth.net
>
More information about the users
mailing list