Azure AD without ADFS
Cantor, Scott
cantor.2 at osu.edu
Tue May 2 11:37:51 EDT 2017
> We have not found this portal to be capable to consume Shibboleth IdP
> Federation with IdP Discovery Service which requires signing of keys and
> certificates.
I don't really have any idea what you're doing, and I know even less about Azure, but the discovery service in a Shibboleth "world" has nothing whatsoever to do with proxying, IdPs, or any keys or certificates. It's a redirector/selector associated with an SP and is usable with virtually any application provided a bit of redirection glue is possible. IdPs have no idea what discovery is or how it's done, they're oblivious.
If the IdP is a proxy, then it's the SP component of the IdP that is involved with discovery, not its capacity as an IdP.
> Even though we are still trying to find ways to connect through
> Shibboleth IdP Discovery Service (i.e. Proxy IdP)
Specifically, it sure isn't that.
-- Scott
More information about the users
mailing list