Shibboleth IdP freezing issue

Feinstein, Moses moses.feinstein at
Sun Nov 1 02:28:52 UTC 2020

This is very helpful, thank you so much for your input.

Moses Feinstein
Sr. Software / IAM Engineer, App Dev Dept
Emaill: moses.feinstein at<mailto:moses.feinstein at>

From: users <users-bounces at> On Behalf Of IAM David Bantz
Sent: Monday, October 26, 2020 2:17 PM
To: Shib Users <users at>
Subject: Re: Shibboleth IdP freezing issue

External Email
FWIW, we recently successfully pointed our CAS-protocol-reliant services (Banner and closely related services) to our existing Shibboleth IdP (they had relied on separate CAS servers for what I'll call historical reasons), enabling us to decommission multiple dedicated CAS servers. Configuration of CAS-protocol-reliant services is somewhat different than either (Apereo) CAS or the SAML2-protocol-reliant services in Shibboleth, but the switch is essentially invisible to users while providing them a more valuable SSO session. In our case, the actual change-over was merely a DNS change for the CAS service to point to the Shibboleth IdP and required 0 changes to CAS-reliant services themselves.

On Mon, Oct 26, 2020 at 8:55 AM Cantor, Scott <cantor.2 at<mailto:cantor.2 at>> wrote:
On 10/26/20, 12:32 PM, "users on behalf of Feinstein, Moses" <users-bounces at<mailto:users-bounces at> on behalf of moses.feinstein at<mailto:moses.feinstein at>> wrote:

>    Would you recommend any alternatives to our current setup (We have several clients that integrate directly with the
> CAS protocol)

I'd recommend using the IdP as a CAS server, or dumping the IdP and using CAS as the SAML server, but I have no idea why the CAS extension would requires server side storage.

-- Scott

For Consortium Member technical support, see<;!!HoV-yHU!6ELCZoOpC0nWZ93s1AuTmId8-YpnB1A2ptKOqfjejfjNwOlfO2ADlbJmgU2cJ_j_Mxx-NA$>
To unsubscribe from this list send an email to users-unsubscribe at<mailto:users-unsubscribe at>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list