Question about CAS and Shibboleth v4.0.1

[Cantor, Scott]

On 6/11/20, 9:10 AM, "users on behalf of Joseph Fischetti" <users-bounces at shibboleth.net on behalf of Joseph.Fischetti at marist.edu> wrote:

> There’s a “new” (from 3.4) way to define CAS services through metadata files [1].  It’s kinda painful to switch… I’ve been
> working through the ones we have.

That's a choice, obviously, you can configure the resolution with either, both, and in whatever order you want. The warnings are a consequence of those choices (and they really shouldn't be warnings, the logging is too high).

> The plan is to define a single metadata file with multiple CAS services inside an “EntitiesDescriptor”.  The name on the
> entitiesDescriptor lets me handle them as a group (the same way the old cas service registry did). 

That will be a hassle to maintain, it's very brittle. LocalDynamic is a better way to handle piles of metadata if you even need or want to use it at all.

If you don't use the metadata to do anything, there's little point in moving to it. For those of us that use metadata for everything (not that I use CAS, but the same principle will apply to OIDC), being able to is very valuable.

-- Scott