Indeed "true SSO" is not a matter of clicking a few buttons I'm afraid. However it is doable and with a decent recipe fairly straightforward.
The benefits are high, we have it integrated with our blackboard system so users just click a login link and on campus they seamlessly login. This is a big win in making the student experience as frictionless as possible.
>From: Discussion list for Shibboleth developments [mailto:JISC-
>[log in to unmask]] On Behalf Of Sara Hopkins
>Sent: 08 February 2013 11:03
>To: [log in to unmask]
>Subject: Re: IdP on Windows vs LDAP
>Many thanks, Cal, I'll definitely have a good read of this. Not for the
>faint-hearted, by the looks of it.
>On 07/02/2013 14:16, caleb racey wrote:
>> Yes and the answer is to only send someone to the kerb login if you
>> page and setting a useragent on our domain joined machines to
>> "campus-ncl" then detecting that
>> To copy paste out of the thread at
>UK Access Management Federation for Education and Research
>The University of Edinburgh is a charitable body, registered in
>Scotland, with registration number SC005336.