We have a Shibboleth 3.3.x server which will authenticate via our CAS
5.3.x server. I am interested in using the service provider's entity ID to
apply configuration within CAS rather than applying configuration to the
Shibboleth service as a whole. This appears to be possible based on:

https://apereo.github.io/cas/5.3.x/integration/Shibboleth.html#relying-party-entityid

and

https://apereo.github.io/cas/5.3.x/installation/Configuring-Multifactor-Authentication-Triggers.html#entity-id-request-parameter

I have built our war with the required cas-server-support-shibboleth
dependency and am testing using a login request with both service and
entityId parameters. However, CAS still uses the service configuration
which matches our Shibboleth service rather than the relying party given by
the entity ID.

I made sure that the service I created for the relying party's entityId has
a lower evaluationOrder value than the definition which matches the
Shibboleth service, so I would expect the entityId value to take
precedence. When I use the entityId value as the service, CAS matches the
correct relying party service configuration, which indicates that the match
should happen and entityId isn't being considered.

The documentation does not describe any additional configuration or changes
in the service configurations that are required to use entityId when it's
provided in the request. Has anyone been able to make this work, or does
anyone have any suggestions as to what I'm missing?

-dirk
