advertisement

Shibboleth - A technical perspective

50 %
50 %
advertisement
Information about Shibboleth - A technical perspective

Published on December 17, 2007

Author: rsc_southeast

Source: slideshare.net

advertisement

A technical perspective John Potter e-learning adviser (learning technology) JISC RSC-Southeast

What is Shibboleth “ Shibboleth provides a standards-based link between existing campus authentication systems and resource providers of all kinds that makes it easier for users to gain, and resouce providers to control, access to protected Web resources.” Seperates delivery from authentication

“ Shibboleth provides a standards-based link between existing campus authentication systems and resource providers of all kinds that makes it easier for users to gain, and resouce providers to control, access to protected Web resources.”

Seperates delivery from authentication

How it works

What’s good about it? 3 step attribute based system Service Provider site requests user attributes from Identity Provider Identity Provider site authenticates user and supplies Attributes Service Provider site makes an Access Control Decision

3 step attribute based system

Service Provider site requests user attributes from Identity Provider

Identity Provider site authenticates user and supplies Attributes

Service Provider site makes an Access Control Decision

Getting the attributes The 3 step attribute transaction

Attributes Where do they come from? What attibutes are passed? Is there a standard for attributes?

Where do they come from?

What attibutes are passed?

Is there a standard for attributes?

Attributes Where do they come from? Organisations directory services + attribute store What attibutes are passed? Can be anything Is there a standard for attributes? Yes, EduPerson and UkEduPerson

Where do they come from?

Organisations directory services + attribute store

What attibutes are passed?

Can be anything

Is there a standard for attributes?

Yes, EduPerson and UkEduPerson

Idp Software components Java - Sun J2SE JDK A webserver with SSL Apache, IIS A Java servlet engine or application server Tomcat, IBM Websphere, BEA Weblogic A user information store Directory, Database, flat file A Web SSO system Pubcookie Shibboleth Identity Provider Bundle

Java - Sun J2SE JDK

A webserver with SSL

Apache, IIS

A Java servlet engine or application server

Tomcat, IBM Websphere, BEA Weblogic

A user information store

Directory, Database, flat file

A Web SSO system

Pubcookie

Shibboleth Identity Provider Bundle

Implementation skills assuming an Open source approach: Familiarity with unix/linux Experience in installing and using Apache/SSL Familiarilty with Java and experience using a servlet engine Some familiarity with Directories and Schema

assuming an Open source approach:

Familiarity with unix/linux

Experience in installing and using Apache/SSL

Familiarilty with Java and experience using a servlet engine

Some familiarity with Directories and Schema

Help! The UK federation development team is working on streamlining the installation of the Idp software by creating a Windows installer package. This will be available to the community at no cost. Organisations, who are interested in testing the installer package should contact Josh Howlett (josh.howlett at ja.net) for further information.

The UK federation development team is working on streamlining the installation of the Idp software by creating a Windows installer package. This will be available to the community at no cost.

Organisations, who are interested in testing the installer package should contact Josh Howlett (josh.howlett at ja.net) for further information.

More help! UK HE and FE institutions can apply for support from the JISC Institutional Access Management SupportProject (JIAMSP). Two support programmes :- January to April 2008 May to August 2008.

UK HE and FE institutions can apply for support from the JISC Institutional Access Management SupportProject (JIAMSP).

Two support programmes :-

January to April 2008

May to August 2008.

Yet More help! JISC and Nestskils are providing free places on a three day training event covering the key skills required to implement the IdP. 15-17th January 2008 Shoreditch, London.

JISC and Nestskils are providing free places on a three day training event covering the key skills required to implement the IdP.

15-17th January 2008

Shoreditch, London.

Add a comment

Related pages

Shibboleth - Developers - IdP One Time Password SMS ...

From the brief descriptions provided, I can see why the one-time password (OTP) feature [1] depends on IdP version 3. From a technical perspective, can the ...
Read more

Shibboleth A Technical Overview - SlideServe

Shibboleth A Technical Overview. Follow. By imala; On 06-27-2012; 113 Views; Shibboleth-intro-dec05. 2. What is Shibboleth?. Shibboleth provides cross ...
Read more

Using Shibboleth to enable access to distributed PDP material

not essential from a technical perspective to protect the provider institution’s web ... Using Shibboleth to enable access to distributed PDP material
Read more

The Status of Shibboleth

Technical Brief Authentication: The Status of Shibboleth Arnie Miles, Georgetown University 24 February, 2009 Technical briefs are prepared for use by ...
Read more

Integrating a Shibboleth IdP with Microsoft Active Directory

Integrating a Shibboleth IdP with Active Directory ... This document is a low-level technical document which ... From a technology perspective, ...
Read more

A Technical Perspective in Modern Tree-ring Research ...

Create an Account Forgot Password Sign in with Shibboleth. ... A Technical Perspective in Modern Tree-ring Research ... mostly due to technical aspects.
Read more

Shibboleth - Users - Shibboleth vs OpenSSO

Shibboleth vs OpenSSO. Hi, I've been doing some research around a true sso solution and shibboleth and opensso/openam have come up as options. How do they ...
Read more

Lech Wojtowicz - Open Conference Systems | Public ...

Implementing Shibboleth: Two perspectives Lech Wojtowicz EBSCO Publishing. Glen Newton CISTI, NRC. Abstract View Newton's presentation View Wojtowicz's ...
Read more