0
A technical perspective John Potter e-learning adviser (learning technology) JISC RSC-Southeast
What is Shibboleth <ul><li>“ Shibboleth provides a standards-based link between existing campus authentication systems and...
How it works
What’s good about it? <ul><li>3 step   attribute based system </li></ul><ul><li>Service Provider site requests user attrib...
Getting the attributes The 3 step attribute transaction
Attributes <ul><li>Where do they  come from? </li></ul><ul><li>What attibutes are passed? </li></ul><ul><li>Is there a sta...
Attributes <ul><li>Where do they  come from? </li></ul><ul><ul><ul><li>Organisations directory services + attribute store ...
Idp Software components <ul><li>Java - Sun J2SE JDK </li></ul><ul><li>A webserver with SSL </li></ul><ul><ul><ul><li>Apach...
Implementation skills <ul><li>assuming an Open source approach: </li></ul><ul><li>Familiarity with unix/linux </li></ul><u...
Help!  <ul><li>The UK federation development team is working on streamlining the installation of the Idp software by creat...
More help! <ul><li>UK HE and FE institutions can apply for support from the JISC Institutional Access Management SupportPr...
Yet More help! <ul><li>JISC and Nestskils are providing free places on a three day training event covering the key skills ...
Upcoming SlideShare
Loading in...5
×

Shibboleth - A technical perspective

2,045

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,045
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
63
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Shibboleth - A technical perspective"

  1. 1. A technical perspective John Potter e-learning adviser (learning technology) JISC RSC-Southeast
  2. 2. What is Shibboleth <ul><li>“ Shibboleth provides a standards-based link between existing campus authentication systems and resource providers of all kinds that makes it easier for users to gain, and resouce providers to control, access to protected Web resources.” </li></ul><ul><li>Seperates delivery from authentication </li></ul>
  3. 3. How it works
  4. 4. What’s good about it? <ul><li>3 step attribute based system </li></ul><ul><li>Service Provider site requests user attributes from Identity Provider </li></ul><ul><li>Identity Provider site authenticates user and supplies Attributes </li></ul><ul><li>Service Provider site makes an Access Control Decision </li></ul>
  5. 5. Getting the attributes The 3 step attribute transaction
  6. 6. Attributes <ul><li>Where do they come from? </li></ul><ul><li>What attibutes are passed? </li></ul><ul><li>Is there a standard for attributes? </li></ul>
  7. 7. Attributes <ul><li>Where do they come from? </li></ul><ul><ul><ul><li>Organisations directory services + attribute store </li></ul></ul></ul><ul><li>What attibutes are passed? </li></ul><ul><ul><ul><li>Can be anything </li></ul></ul></ul><ul><li>Is there a standard for attributes? </li></ul><ul><ul><ul><li>Yes, EduPerson and UkEduPerson </li></ul></ul></ul>
  8. 8. Idp Software components <ul><li>Java - Sun J2SE JDK </li></ul><ul><li>A webserver with SSL </li></ul><ul><ul><ul><li>Apache, IIS </li></ul></ul></ul><ul><li>A Java servlet engine or application server </li></ul><ul><ul><ul><li>Tomcat, IBM Websphere, BEA Weblogic </li></ul></ul></ul><ul><li>A user information store </li></ul><ul><ul><ul><li>Directory, Database, flat file </li></ul></ul></ul><ul><li>A Web SSO system </li></ul><ul><ul><ul><li>Pubcookie </li></ul></ul></ul><ul><li>Shibboleth Identity Provider Bundle </li></ul>
  9. 9. Implementation skills <ul><li>assuming an Open source approach: </li></ul><ul><li>Familiarity with unix/linux </li></ul><ul><li>Experience in installing and using Apache/SSL </li></ul><ul><li>Familiarilty with Java and experience using a servlet engine </li></ul><ul><li>Some familiarity with Directories and Schema </li></ul>
  10. 10. Help! <ul><li>The UK federation development team is working on streamlining the installation of the Idp software by creating a Windows installer package. This will be available to the community at no cost. </li></ul><ul><li>Organisations, who are interested in testing the installer package should contact Josh Howlett (josh.howlett at ja.net) for further information. </li></ul>
  11. 11. More help! <ul><li>UK HE and FE institutions can apply for support from the JISC Institutional Access Management SupportProject (JIAMSP). </li></ul><ul><li>Two support programmes :- </li></ul><ul><li>January to April 2008 </li></ul><ul><li>May to August 2008. </li></ul>
  12. 12. Yet More help! <ul><li>JISC and Nestskils are providing free places on a three day training event covering the key skills required to implement the IdP. </li></ul><ul><li>15-17th January 2008 </li></ul><ul><li>Shoreditch, London. </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×