Shibboleth - A technical perspective
Upcoming SlideShare
Loading in...5
×
 

Shibboleth - A technical perspective

on

  • 2,950 views

 

Statistics

Views

Total Views
2,950
Views on SlideShare
2,949
Embed Views
1

Actions

Likes
0
Downloads
62
Comments
0

1 Embed 1

http://www.slideshare.net 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Shibboleth - A technical perspective Shibboleth - A technical perspective Presentation Transcript

    • A technical perspective John Potter e-learning adviser (learning technology) JISC RSC-Southeast
    • What is Shibboleth
      • “ Shibboleth provides a standards-based link between existing campus authentication systems and resource providers of all kinds that makes it easier for users to gain, and resouce providers to control, access to protected Web resources.”
      • Seperates delivery from authentication
    • How it works
    • What’s good about it?
      • 3 step attribute based system
      • Service Provider site requests user attributes from Identity Provider
      • Identity Provider site authenticates user and supplies Attributes
      • Service Provider site makes an Access Control Decision
    • Getting the attributes The 3 step attribute transaction
    • Attributes
      • Where do they come from?
      • What attibutes are passed?
      • Is there a standard for attributes?
    • Attributes
      • Where do they come from?
          • Organisations directory services + attribute store
      • What attibutes are passed?
          • Can be anything
      • Is there a standard for attributes?
          • Yes, EduPerson and UkEduPerson
    • Idp Software components
      • Java - Sun J2SE JDK
      • A webserver with SSL
          • Apache, IIS
      • A Java servlet engine or application server
          • Tomcat, IBM Websphere, BEA Weblogic
      • A user information store
          • Directory, Database, flat file
      • A Web SSO system
          • Pubcookie
      • Shibboleth Identity Provider Bundle
    • Implementation skills
      • assuming an Open source approach:
      • Familiarity with unix/linux
      • Experience in installing and using Apache/SSL
      • Familiarilty with Java and experience using a servlet engine
      • Some familiarity with Directories and Schema
    • Help!
      • The UK federation development team is working on streamlining the installation of the Idp software by creating a Windows installer package. This will be available to the community at no cost.
      • Organisations, who are interested in testing the installer package should contact Josh Howlett (josh.howlett at ja.net) for further information.
    • More help!
      • UK HE and FE institutions can apply for support from the JISC Institutional Access Management SupportProject (JIAMSP).
      • Two support programmes :-
      • January to April 2008
      • May to August 2008.
    • Yet More help!
      • JISC and Nestskils are providing free places on a three day training event covering the key skills required to implement the IdP.
      • 15-17th January 2008
      • Shoreditch, London.