We're investigating converting our UAA from a custom fork that integrates
with our organization's SSO to the stock UAA using SAML and/or LDAP. We
would like to maintain SSO functionalities for our web tools but after
doing some reading SAML for the CLI might not work the way we expect it.
In order to log into the CLI when using SAML does it require the user to go
to a web page and get a one time login token? cf login --sso? If so, I
don't think that will work for our and some CLI deployment automation we do.
Is it possible to configure UAA to use both SAML and LDAP? The CLI could
use LDAP and the web use SAML?