CAS Authentication with ADFS

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

CAS Authentication with ADFS

Carter Sema

Trying out the CAS Authentication piece, and connecting back to my ADFS environment.

 

My cas-authorization-endpoint is set to federation.domain.org and my cas-redirect-uri is set to guacamole.domain.org/guacamole. When I navigate to guacamole.domain.org/guacamole it redirects to the following error

 

This federation.domain.org page can’t be found

No webpage was found for the web address:https://federation.domain.org/federationmetadata/2007-06/federationmetadata.xml%20?service=https%3A%2F%2Fguacamole.domain.org%2Fguacamole

HTTP ERROR 404

 

 

Does my ADFS need any other configuration? Or am I missing some setting?

 

Thanks!

 

Carter Sema

Network Support Specialist

CertBadge_Administrator_web

 

Reply | Threaded
Open this post in threaded view
|

Re: CAS Authentication with ADFS

vnick
On Fri, Oct 20, 2017 at 3:19 PM, Carter Sema <[hidden email]> wrote:

Trying out the CAS Authentication piece, and connecting back to my ADFS environment.

 

My cas-authorization-endpoint is set to federation.domain.org and my cas-redirect-uri is set to guacamole.domain.org/guacamole. When I navigate to guacamole.domain.org/guacamole it redirects to the following error

 



This will almost certainly not work.  ADFS does not implement the CAS authentication protocol.  CAS is not just a SSO product, it's a protocol, as well, and the guacamole-auth-cas module implements authentication for the CAS protocol.  IIRC, ADFS federation uses SAML, and there's currently no publicly-available version of a SAML module for Guacamole, although there are a couple of folks working on modules, I believe.

-Nick