Help choosing a path for shibboleth integration
Talkyard is an amazing piece of software. I'm hoping to use it to help researchers at my university share best practices and help each other with data analysis. You can see an example version of the site at https://www.mit.edu/~realdata/help/ .
I'm trying to move the website to be a subdomain of the university website and have people log in using their university credentials. They use Shibboleth and they only support the Apache's Shibboleth module. Our IS+T department is helping me and offered two paths they thought were possible and I wanted to see what you thought before proceeding.
In the past they supported another service that ran on nginx by having both Apache and nginx running on the same server.
They also run and support a CAS server that they use for their GitHub integration.
I'm very inexperienced when it comes to auth questions, so I'm not sure if either of these is obviously easier to integrate with Talkyard, or if I'd need more information from IS+T before choosing. Do you have any thoughts?
- 1 replies
- KajMagnus @KajMagnus2020-04-09 12:34:12.422Z
Hi Joseph: Alt 2 should work, not now but soon. — As per the CAS docs, CAS supports OpenID Connect (OIDC), which I have in mind to add to Talkyard. I hope to start with that next week — will probably take one or two weeks.
Would you like to ask the IS+T people if the CAS server supports OIDC? (not impossible the CAS server version is old, or something else, so that it does not yet support OIDC)
The Apache Shibboleth module — that's the Apache Web Server plus
mod_shib? Would you like to ask them if that's correct, and if
mod_shibsupports OIDC or not? (I think it doesn't, I think it's for SAML only)
Thanks for the link to the example version of the site