| 9 Mar 2024 |
 raitobezarius | And honestly every time I tried to replicate certain setups with OIDC, it made me appreciate the thoughtfulness of the SAML design | 01:54:43 |
 hexa | pretty sure people go for saml for poltiical or structural reasons only | 01:54:52 |
| raitobezarius | Now, my position is more I wish there were Kanidm for SAML | 01:54:54 |
| raitobezarius | And I'd probably use more SAML in my infrastructure if I could do that | 01:55:06 |
| hexa | keycloak? 😛 | 01:55:16 |
| raitobezarius | Keycloak does not know how to implement SAML | 01:55:22 |
| hexa | who does though? 😄 | 01:55:36 |
| raitobezarius | don't tell me 'see?' :D | 01:55:37 |
| raitobezarius | In reply to @hexa:lossy.network
who does though? 😄 Well, Apereo folks does OK things in that area | 01:55:49 |
| hexa | so CAS? | 01:55:59 |
| raitobezarius | It's honest even though I hate Java Enterprise | 01:56:37 |
| raitobezarius | (it hurts me to say it ok) | 01:56:49 |
| hexa | ❯ rg apereo
pkgs/development/php-packages/phing/composer.lock
4672: "apereo/phpcas": "<1.6",
| 01:57:03 |
| hexa | 🤡 | 01:57:08 |
| raitobezarius | what is this supposed to mean :D | 01:57:24 |
| hexa | take the best of both worlds | 01:57:27 |
| raitobezarius | But honestly, you say 'added complexity of SAML', I wonder how much this complexity has been inflicted by the bad reputation of SAML via corporate vendors | 01:57:40 |
| raitobezarius | OIDC was/is also very complicated | 01:57:47 |
| raitobezarius | I wonder why that complexity is also accepted | 01:58:14 |
