Hello Ray, Thanks for your reply. Here is an example of what I did: cas.authn.pac4j.saml[6].keystore-password=password1 cas.authn.pac4j.saml[6].private-key-password=password2 cas.authn.pac4j.saml[6].service-provider-entity-id= https://auth.icoopeb.org/cas/sp/ufra cas.authn.pac4j.saml[6].service-provider-metadata-path=/etc/cas/config/sp-metadata-ufra.xml cas.authn.pac4j.saml[6].keystore-path=/etc/cas/config/samlKeystore-ufra.jks cas.authn.pac4j.saml[6].identity-provider-metadata-path= https://idp-cafe.ufra.edu.br/idp/shibboleth cas.authn.pac4j.saml[6].destination-binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect cas.authn.pac4j.saml[6].client-name=idpufra cas.authn.pac4j.saml[6].display-name=UFRA cas.authn.pac4j.saml[6].logout-request-binding=
cas.authn.pac4j.saml[7].keystore-password=password3 cas.authn.pac4j.saml[7].private-key-password=password4 cas.authn.pac4j.saml[7].service-provider-entity-id= https://auth.icoopeb.org/cas/sp/uce cas.authn.pac4j.saml[7].service-provider-metadata-path=/etc/cas/config/sp-metadata-uce.xml cas.authn.pac4j.saml[7].keystore-path=/etc/cas/config/samlKeystore-uce.jks cas.authn.pac4j.saml[7].identity-provider-metadata-path= https://login.uce.cedia.edu.ec/saml2/idp/metadata.php cas.authn.pac4j.saml[7].destination-binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect cas.authn.pac4j.saml[7].client-name=idpuce cas.authn.pac4j.saml[7].display-name=Universidad Central del Ecuador cas.authn.pac4j.saml[7].logout-request-binding= cas.authn.pac4j.saml[8].keystore-password=password5 cas.authn.pac4j.saml[8].private-key-password=password6 cas.authn.pac4j.saml[8].service-provider-entity-id= https://auth.icoopeb.org/cas/sp/uniandes cas.authn.pac4j.saml[8].service-provider-metadata-path=/etc/cas/config/sp-metadata-uniandes.xml cas.authn.pac4j.saml[8].keystore-path=/etc/cas/config/samlKeystore-uniandes.jks cas.authn.pac4j.saml[8].identity-provider-metadata-path= https://login.uniandes.cedia.edu.ec/saml2/idp/metadata.php cas.authn.pac4j.saml[8].destination-binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect cas.authn.pac4j.saml[8].client-name=idpuniandes cas.authn.pac4j.saml[8].display-name=UNIANDES cas.authn.pac4j.saml[8].logout-request-binding= If I understand what you're proposing, I have to do this: cas.authn.pac4j.saml[6].keystore-password=password1 cas.authn.pac4j.saml[6].private-key-password=password2 cas.authn.pac4j.saml[6].service-provider-entity-id= https://auth.icoopeb.org/cas/sp/all cas.authn.pac4j.saml[6].service-provider-metadata-path=/etc/cas/config/sp-metadata-all.xml cas.authn.pac4j.saml[6].keystore-path=/etc/cas/config/samlKeystore-all.jks cas.authn.pac4j.saml[6].identity-provider-metadata-path= https://idp-cafe.ufra.edu.br/idp/shibboleth cas.authn.pac4j.saml[6].destination-binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect cas.authn.pac4j.saml[6].client-name=idpufra cas.authn.pac4j.saml[6].display-name=UFRA cas.authn.pac4j.saml[6].logout-request-binding= cas.authn.pac4j.saml[7].keystore-password=password1 cas.authn.pac4j.saml[7].private-key-password=password2 cas.authn.pac4j.saml[7].service-provider-entity-id= https://auth.icoopeb.org/cas/sp/all cas.authn.pac4j.saml[7].service-provider-metadata-path=/etc/cas/config/sp-metadata-all.xml cas.authn.pac4j.saml[7].keystore-path=/etc/cas/config/samlKeystore-all.jks cas.authn.pac4j.saml[7].identity-provider-metadata-path= https://login.uce.cedia.edu.ec/saml2/idp/metadata.php cas.authn.pac4j.saml[7].destination-binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect cas.authn.pac4j.saml[7].client-name=idpuce cas.authn.pac4j.saml[7].display-name=Universidad Central del Ecuador cas.authn.pac4j.saml[7].logout-request-binding= Best regards Le mer. 10 juil. 2024 à 00:37, Ray Bon <r...@uvic.ca> a écrit : > Wouldsmina, > > Once your SP metadata is in the specified location, cas will not recreate > it. > Are you using a different entityId or key for each IdP? That is not > necessary. > > Ray > ------------------------------ > *From:* cas-user@apereo.org <cas-user@apereo.org> on behalf of wouldsmina > <wouldsm...@gmail.com> > *Sent:* 09 July 2024 02:03 > *To:* CAS Community <cas-user@apereo.org> > *Subject:* [cas-user] Delegated Authentication SAML2 : Single EntityID > > You don't often get email from wouldsm...@gmail.com. Learn why this is > important <https://aka.ms/LearnAboutSenderIdentification> > Hello, > I want to use identity delegation to allow other IdPs to authenticate a > number of my services. I was inspired by this documentation: > https://fawnoos.com/2023/10/04/cas66-delegate-authn-saml2-idp/. But I > notice that for each declared IdP, CAS produces different EntityId and > metadatas. > > The IdPs concerned are part of the EduGain identity federation and I'd > like to declare a single SP (for simplicity and to comply with the > charter). Do you know if it's possible to configure CAS to create a single > EntityId for all declared IdPs? > > Best regards, > Wouldsmina > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNbBoMTU5rSOvnupAoykoEmyV-1_GtRtmkU2%3D4j7Lih2Hw%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNbBoMTU5rSOvnupAoykoEmyV-1_GtRtmkU2%3D4j7Lih2Hw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/YT3PR01MB9946D4056045A7C6FDEBA002CEDB2%40YT3PR01MB9946.CANPRD01.PROD.OUTLOOK.COM > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/YT3PR01MB9946D4056045A7C6FDEBA002CEDB2%40YT3PR01MB9946.CANPRD01.PROD.OUTLOOK.COM?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNZLM%3DwDRQ-peG2fX0Ezfx9UNA-NecFNNqBSn-yTN%2BoPcQ%40mail.gmail.com.
