Jesse, To be clear, is the iOS app running on the user's device, or is safari connecting to an app running on your web server?
You can not switch protocols in the middle of the authentication process (at least I have not heard such a thing). The authentication process can happen fully within safari (as it does on a desktop / laptop computer), the protocol can be cas or saml or something else. Ideally there is a trust between an IdP and a SP. If you control both, then you could probably do non standard / non recommended things. Take a look at https://apereo.github.io/cas/7.0.x/protocol/Protocol-Overview.html and the links therein to understand how the various protocols work. Ray ________________________________ From: cas-user@apereo.org <cas-user@apereo.org> on behalf of Essey T <jessetez...@gmail.com> Sent: 24 July 2024 20:25 To: cas-user@apereo.org <cas-user@apereo.org> Subject: Re: [cas-user] Saml2 You don't often get email from jessetez...@gmail.com. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Ray, The iOS app is using CAS protocol. But we want to implement SAML feature, can I use iOS as service provider, web browser application as Service provider 2, and IDP CAS. Is it possible to send Saml request and receive SAML response to SP2(web browser app) to validated the assertion and open session for the user. Or is there way to do SSO login using CAS from iOS to safari On Wed, Jul 24, 2024 at 22:10 Ray Bon <r...@uvic.ca<mailto:r...@uvic.ca>> wrote: Jesse, What authentication protocols are available for your iOS app? ServiceTicket is part of CAS protocol (different from cas service / IdP); SAML is another protocol. Cas service supports other protocols. Whatever protocol you want to use, you need a client / service provider / relying party to handle the response from cas. The SP is typically associated with the application(s) being protected, not on a users device. Ray ________________________________ From: cas-user@apereo.org<mailto:cas-user@apereo.org> <cas-user@apereo.org<mailto:cas-user@apereo.org>> on behalf of Jesse <jessetez...@gmail.com<mailto:jessetez...@gmail.com>> Sent: 24 July 2024 15:36 To: CAS Community <cas-user@apereo.org<mailto:cas-user@apereo.org>> Subject: [cas-user] Saml2 You don't often get email from jessetez...@gmail.com<mailto:jessetez...@gmail.com>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> We are trying to use cas as IDP and IOS app as ServiceProvider and we want to land from ios app(has ServiceTicket) to safari(web application) without login using saml2. Is there a way to handle this? We came up with getting saml request from ios to cas and getting saml response back but saml response is too big to pass it in the url to the web browser application. Any design or secure way to do it with saml and how we can land without login again in the web browser. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/a2800488-9813-49af-8b1b-81c3cb1a69dan%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/a2800488-9813-49af-8b1b-81c3cb1a69dan%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/YT3PR01MB99463198E27058369D44BCFACEAB2%40YT3PR01MB9946.CANPRD01.PROD.OUTLOOK.COM<https://groups.google.com/a/apereo.org/d/msgid/cas-user/YT3PR01MB99463198E27058369D44BCFACEAB2%40YT3PR01MB9946.CANPRD01.PROD.OUTLOOK.COM?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHxB8K3jhDdGogiPXAJyxbKjs%2Bt1pXjmXjPPNbT1hfzF-Dypfw%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAHxB8K3jhDdGogiPXAJyxbKjs%2Bt1pXjmXjPPNbT1hfzF-Dypfw%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/YT3PR01MB9946B77726524B66EE70094ACEAB2%40YT3PR01MB9946.CANPRD01.PROD.OUTLOOK.COM.
