[Building Sakai] Sakai+CAS+Multiple LDAP servers, faisable?
alaanizar at iihem.ac.ma
alaanizar at iihem.ac.ma
Mon Jun 2 13:04:06 PDT 2014
Hi,
If I understand the picture.
There will be one Shibboleth per
institution. One federal Shibboleth linking ALL distributed Shibboleths.
Will then
Sakai authenticate against THE Central federal Shibboleth using CAS or what?
Meaning.
Sakai ->CAS->Shibboleth------->Shibboleths (Shibboleth for each institution)
In this image, NO user will be created in Sakai?
If yes, how the profile tool, especially,
will deal with this? no to mention other tools!
thank you for any further
clarification
Yours,
Alaa
>>
>>
>> the idea is to let Sakai for the application, LDAP for user account
>>
(managed by institutions themselves), and CAS between the two worlds.
>>
>>
I read that CAS can authenticate against LDAP. However, can we setup CAS
>> to
authenticate against multiple LDAP servers?
>>
>>
> I'm sure you can
easily modify CAS or Sakai to communicate with multiple
> LDAP servers based on a user's
login id.
>
> But this sounds like a perfect use case for federated
authentication using
> Shibboleth where each institution would host their own Shibboleth
Identity
> Provider. This would allow users to login to their home institution's
> identity provider and Sakai would allow the users access based on shared
>
trust.
>
> --
> This message has been scanned for viruses and
>
dangerous content by MailScanner, and is
> believed to be clean.
>
>
--
Alaa NIZAR, BA in MIS, LPIC
IIHEM Network Services Manager
+212 665 222 160
www.iihem.ac.ma
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20140602/73c38a51/attachment.html
More information about the sakai-dev
mailing list