Steven, That would be handy for us as well (currently we use shibboleth for SAML2 services but are planning to move everything into one or the other system). LDAP is not listed as an optionhttps://apereo.github.io/cas/7.2.x/installation/Configuring-SAML2-DynamicMetadata.html#advanced
Ray ________________________________ From: cas-user@apereo.org <cas-user@apereo.org> on behalf of steven gladwell <steven.gladw...@gmail.com> Sent: April 30, 2025 05:26 To: CAS Community <cas-user@apereo.org> Subject: [cas-user] Confirming Support for Storing SAML XML Metadata in LDAP You don't often get email from steven.gladw...@gmail.com. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> I'm working on a multi-node Apereo CAS 7.1.x deployment and exploring options for managing SAML SP metadata centrally. I understand that CAS supports externalized metadata via file system, URLs, and dynamic resolution. However, I'd like to confirm: * Does CAS officially support storing SAML XML metadata directly in LDAP? * For example, storing the raw or Base64-encoded XML in an LDAP attribute such as metadata under a casRegisteredService entry. * If so, is there official documentation or recommended configuration patterns to enable CAS to resolve metadata from LDAP entries directly? * Are there caching mechanisms in CAS that can be applied to such an LDAP-resolved metadata model (e.g., in-memory or EHCache)? The goal is to avoid managing local XML files or per-node mounts, and instead maintain metadata centrally in LDAP, while still benefiting from in-memory caching per node. Any confirmation, advice, or examples would be greatly appreciated. Thanks! -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1dcc371b-5f16-4000-a1b5-9a7215cec79an%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/1dcc371b-5f16-4000-a1b5-9a7215cec79an%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/YQBP288MB008195994FECA2114861AA8FCE832%40YQBP288MB0081.CANP288.PROD.OUTLOOK.COM.
