Cisco ISE external authentication with Shibboleth IdP?
yavor at nyu.edu
Mon Jul 2 22:58:48 EDT 2018
We recently did this for our Shanghai campus. In steps 11 and 12 in the
guide, you gave link to, use urn:oid attribute names or friendly names. We
provide uid, mail and displayName to ISE and for the group membership(step
11), the initial setup used eduPersonPrimaryAffiliation but we switch to
isMemberOf(urn:oid:184.108.40.206.4.1.59220.127.116.11.1). As usual, be sure assertion
encryption is set in a same way on Cisco ISE and the IdP.
Nothing unusual in the SAML setup.
This video, though it is for PingFederate, could help you.
On Mon, Jul 2, 2018 at 6:07 PM IAM David Bantz <dabantz at alaska.edu> wrote:
> Cisco ISE has instructions for configuring Ping SAML identity provider, so
> I'm hopeful that someone has configured Shibboleth IdP and could assure us
> is that's possible.
> David Bantz
> UA OIT IAM
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
Systems Developer for Identity Services
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users