Indeed "true SSO" is not a matter of clicking a few buttons I'm afraid. However it is doable and with a decent recipe fairly straightforward.
The benefits are high, we have it integrated with our blackboard system so users just click a login link and on campus they seamlessly login. This is a big win in making the student experience as frictionless as possible.
>-----Original Message-----
>From: Discussion list for Shibboleth developments [mailto:JISC-
>[log in to unmask]] On Behalf Of Sara Hopkins
>Sent: 08 February 2013 11:03
>To: [log in to unmask]
>Subject: Re: IdP on Windows vs LDAP
>
>Many thanks, Cal, I'll definitely have a good read of this. Not for the
>faint-hearted, by the looks of it.
>
>Sara
>
>On 07/02/2013 14:16, caleb racey wrote:
>> Yes and the answer is to only send someone to the kerb login if you
>> are sure it's going to work, we do this with JavaScript on the login
>> page and setting a useragent on our domain joined machines to
>> "campus-ncl" then detecting that
>>
>> To copy paste out of the thread at
>> https://groups.google.com/forum/?fromgroups=#!topic/shibboleth-
>users/NOaQDb0LMyw
>>
>> <snip>
>
>--
>Sara Hopkins
>Support Team
>UK Access Management Federation for Education and Research
>web: http://www.ukfederation.org.uk/
>
>The University of Edinburgh is a charitable body, registered in
>Scotland, with registration number SC005336.
|