Let me know if the below makes since. For the integration you need to pass the attributes as follows:
cas.samlSP.office365.metadata= https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml <https://www.google.com/url?q=https%3A%2F%2Fnexus.microsoftonline-p.com%2Ffederationmetadata%2Fsaml20%2Ffederationmetadata.xml&sa=D&sntz=1&usg=AFQjCNEz1tzkIfEw8mu_UMi0VfFI_5xfTg> cas.samlSP.office365.name=O365 cas.samlSP.office365.description=O365 Integration cas.samlSP.office365.nameIdAttribute=Something from your openldap that does not change. like objectguid in Active Directory. need to sync this to o365 as the immuatbleId cas.samlSP.office365.attributes=mail 'from your openldap', objectguid 'your immutableId again' On Tuesday, July 2, 2019 at 9:38:53 AM UTC-5, Alfonso Veraluz wrote: > > Hello. > > I have a CAS 5.2.3 running fine with a Tomcat 8.0.32, Openjdk 1.8 and > connected to a OpenLdap so my users can login with the uid and the mail. > This CAS is actually providing SSO between Alfresco and Liferay. > > I want to add the SSO with Office365 but only for a particular public > domain and there are some questions: > > 1.- What FederationMetadata.xml is needed to provide in CAS, the one in > https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml > > or the one with my EntityID provided from the Portal Azure Admin section? > 2.- How to map the mail in the OpenLdap to be the same at O365 account? > It's suposed the idp will map in the cas.samlSp.office365.attributes? > > adding this to my cas.properties should be enough? > > #/etc/cas/saml/frommsoft/federationmetadata.xml from > https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml > > cas.samlSP.office365.metadata=/etc/cas/saml/frommsoft/federationmetadata.xml > cas.samlSp.office365.name=O365 > cas.samlSp.office365.description=Office365 Integration > cas.samlSp.office365.nameIdAttribute=scopedImmutableID > cas.samlSp.office365.attributes=IDPEmail,ImmutableID > > Thanks your comments. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d701e953-6f3e-46b8-88e3-dc9fd07ae357%40apereo.org.
