Windows Azure Access Control Service
Robert Lowe
robertmlowe at rmlowe.com
Mon Dec 14 06:29:36 EST 2015
Hi list,
I see some old discussions around Access Control Service and whether it can
be made to talk to the Shibboleth SP (such as this one
<http://shibboleth.net/pipermail/users/2014-February/014205.html>), but no
clear resolution, so thought I'd raise this again to see if there's any new
information out there.
Here's what I've managed to figure out so far.
- Access Control Service is claimed to have “support for SAML token
formats <https://msdn.microsoft.com/en-us/library/azure/hh147631.aspx>.”
I take this to mean that it uses SAML assertions in some form, but doesn't
support the full SSO profile.
- In fact, it looks like Access Control Service can send SAML assertions
inside WS-Federation messages.
- The SP clearly supports WS-Federation
<https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPADFS> in
some form, however this seems to be specifically targeted at ADFSv1, so
it's not clear whether this would be sufficient to talk to Access Control
Service.
Any insight welcomed. :-)
--
Best regards,
Robert Lowe
http://crepuscular.rmlowe.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20151214/c4e9d1bb/attachment.html>
More information about the users
mailing list