Service owner's question CAS or Shibboleth

Corey Scholefield coreys at uvic.ca
Wed Mar 28 14:30:32 EDT 2018


Great question!

We have a fairly simple decision tree that favours SAML via Shib IdP for all vended cloud-services, if the vendor supports it.

A recent wrinkle we have noted is the degree of support for application logout capability that the vendor supports.  At this point, we’ve noticed that some vendors have invested more effort in their CAS-based logout, over a SAML-logout.

Corey S.

[id:image001.jpg at 01D337AD.F8BD9400]

Corey Scholefield
Team Lead, Identity Services
University Systems
University of Victoria<http://www.uvic.ca/>
T 250-472-4549
C 250-812-4861
coreys at uvic.ca
https://www.uvic.ca/systems



From: users <users-bounces at shibboleth.net> on behalf of IAM David Bantz <dabantz at alaska.edu>
Reply-To: Shib Users <users at shibboleth.net>
Date: Wednesday, March 28, 2018 at 10:57 AM
To: Shib Users <users at shibboleth.net>
Subject: Service owner's question CAS or Shibboleth

UA service owner for new vended cloud service that supports authN via CAS or Shibboleth (Ad Astra) asks for input on selecting one or the other, as we still run separate CAS (mainly for Banner) and Shibboleth identity services (tied to same identities in AD).

Can anyone share a simple list of +/- for responding to this question?

Or know specific reason to implement one or the other for Ad Astra?

David Bantz
UA OIT IAM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180328/55ac44a1/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 33778 bytes
Desc: image001.jpg
URL: <http://shibboleth.net/pipermail/users/attachments/20180328/55ac44a1/attachment.jpg>


More information about the users mailing list