[Building Sakai] SSO using SAML 2.0 rather than CAS
Erik Lindskog
erik.lindskog at umu.se
Mon Nov 24 23:59:40 PST 2014
This page has some more info how to do it with Apache and mod_shib:
https://confluence.sakaiproject.org/display/SAKDEV/Shibboleth
Here at UmU we use SimpleSAMLphp as IDP, but using ADFS should work in a similar way.
We have used the patch in the link above with some minor changes that I don’t remember right now and running this in production in 2.9.3 and in a test environment in 10.2.
If you manage to get it to work with ADFS, I would be happy if you share how you did it since we might move to ADFS in the future.
LastPass SAML Java SDK or spring-security-saml might be esaier if doing it from scratch.
Regards
/Erik
From: sakai-dev-bounces at collab.sakaiproject.org [mailto:sakai-dev-bounces at collab.sakaiproject.org] On Behalf Of Sam Ottenhoff
Sent: den 19 november 2014 18:39
To: Stephen Marquard
Cc: sakai-dev at collab.sakaiproject.org
Subject: Re: [Building Sakai] SSO using SAML 2.0 rather than CAS
I just did a quick proof-of-concept locally using the LastPass SAML Java SDK, and it was pretty easy (https://github.com/lastpass/saml-sdk-java) and allows avoiding the pain of setting up Apache + mod_shib.
Has anyone on this list looked at using spring-security-saml?
On Wed, Nov 19, 2014 at 7:54 AM, Stephen Marquard <stephen.marquard at uct.ac.za<mailto:stephen.marquard at uct.ac.za>> wrote:
Hi all,
As a result of some central IT changes, we are looking at changing our Sakai’s SSO from CAS to SAML 2.0 (provided by ADFS).
Is anyone else using SAML2 / ADFS for Sakai SSO, and if so is there documentation on how to set this up?
Regards
Stephen
---
Stephen Marquard, Learning Technologies Co-ordinator,
Centre for Innovation in Learning and Teaching (CILT)
University of Cape Town
http://www.cilt.uct.ac.za
stephen.marquard at uct.ac.za<mailto:stephen.marquard at uct.ac.za>
Phone: +27-21-650-5037 Cell: +27-83-500-5290
________________________________
UNIVERSITY OF CAPE TOWN
This e-mail is subject to the UCT ICT policies and e-mail disclaimer published on our website at http://www.uct.ac.za/about/policies/emaildisclaimer/ or obtainable from +27 21 650 9111. This e-mail is intended only for the person(s) to whom it is addressed. If the e-mail has reached you in error, please notify the author. If you are not the intended recipient of the e-mail you may not use, disclose, copy, redirect or print the content. If this e-mail is not related to the business of UCT it is sent by the sender in the sender's individual capacity.
_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org<mailto:sakai-dev at collab.sakaiproject.org>
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org<mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a subject of "unsubscribe"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20141125/0f3099de/attachment.html
More information about the sakai-dev
mailing list