Shibboleth Developers

[Velpi <>]

[forwarded to Shibboleth-dev to continue the discussion there]

I've never deployed Shibboleth (OIRT deploys Shibboleth at Rutgers as a
pilot) but from what Velpi has said it would seem that there are a large
number of institutions out there that deploy an integrated
CAS/Shibboleth package that it would make sense to ensure that we make
this as easy and painless as possible.  (I'm assuming its not as easy
and painless as it could be, but correct me if I am wrong there).

Out of the box CAS comes with a multitude of authentication handlers
that may be of use to the Shibboleth community (and eliminates a
duplicate work-effort).  The CAS server software itself is protocol
agnostic (we marshal our internal domain objects to the CAS protocol at
the last possible step) so we should be able to "communicate" with
Shibboleth in whatever form is required.

Again, however, I'm not familiar enough with Shibboleth on the
code-level to currently comment on what would be required to integrate
the two.  It may be that the current way of integrating the two is the
best way to go.

Thoughts?

Thanks
-Scott

Scott Battaglia
Application Developer, Architecture & Engineering Team
Enterprise Systems and Services, Rutgers University
v: 732.445.0097 | f: 732.445.5493 | 




Scott Cantor wrote:
> > future. Deep integration might make all our lives a lot easier. And I'm 
> > looking at this mainly as a developer...
> >     
>
> I'm not sure what you mean by "deep integration" exactly, but if you mean
> "support the CAS protocol natively", we definitely don't have any plans to
> directly support that.
>
> It's also not a goal of the integration APIs to support that; it would be a
> different sort of project to extend the platform APIs directly in ways that
> may or may not be packagable as an IdP extension. At a minimum, it would
> probably be on a later timeline because more critical APIs would have to be
> frozen to make it possible.
>
> -- Scott
>