CAS vs SAML Protocols

Here is a potential source of confusion. Recent versions of CAS can support both the SAML 2.0 and CAS 3.0 protocols. They are not the same. Furthermore, our current CAS deployment will *only* support the CAS protocol, and *not* the SAML protocol[1].

The CAS protocol may provide attributes for an authenticated user using its samlValidate method. This method is its means to provide a SAML-like response via the *CAS* protocol.

Our Shibboleth Identity Provider Service supports SAML 2.0.



[1] Historical reasons for this... CAS support for SAML is relatively recent, not available when we originally deployed CAS. Instead, we use the Shibboleth IdP service to support the SAML protocol.