Service owner's question CAS or Shibboleth

Corey Scholefield coreys at
Wed Mar 28 14:30:32 EDT 2018

Great question!

We have a fairly simple decision tree that favours SAML via Shib IdP for all vended cloud-services, if the vendor supports it.

A recent wrinkle we have noted is the degree of support for application logout capability that the vendor supports.  At this point, we’ve noticed that some vendors have invested more effort in their CAS-based logout, over a SAML-logout.

Corey S.

[id:image001.jpg at 01D337AD.F8BD9400]

Corey Scholefield
Team Lead, Identity Services
University Systems
University of Victoria<>
T 250-472-4549
C 250-812-4861
coreys at

From: users <users-bounces at> on behalf of IAM David Bantz <dabantz at>
Reply-To: Shib Users <users at>
Date: Wednesday, March 28, 2018 at 10:57 AM
To: Shib Users <users at>
Subject: Service owner's question CAS or Shibboleth

UA service owner for new vended cloud service that supports authN via CAS or Shibboleth (Ad Astra) asks for input on selecting one or the other, as we still run separate CAS (mainly for Banner) and Shibboleth identity services (tied to same identities in AD).

Can anyone share a simple list of +/- for responding to this question?

Or know specific reason to implement one or the other for Ad Astra?

David Bantz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 33778 bytes
Desc: image001.jpg
URL: <>

More information about the users mailing list