Unicon IAM Webinar
CAS, Shibboleth, Grouper
15 September 2016 - 11am Pacific Time (PT)
Mike Grady • Dmitriy Kopylenko • John Gasper
Join from PC, Mac, Linux, iOS or Android:
https://unicon.zoom.us/j/588322739
Or iPhone one-tap (US Toll): +16465588656,588322739# or
+14086380968,588322739#
Or Telephone:
Dial: +1 646 558 8656 (US Toll) or +1 408 638 0968 (US Toll)
Meeting ID: 588 322 739
Welcome
• Community updates
• Unicon contributions
• Q&A
Presenters
Mike Grady
Shibboleth IDP | Shibboleth SP
Dmitriy Kopylenko
CAS
John Gasper
Grouper
Charise Arrowood
MC
Events & Trends
Past Events
• OpenID Connect Workshop: 22-23, 24-25 Feb 2016 in Denver, CO
• Open Apereo Conference: 22-25 May 2016 in NYC
• 2016 Internet2 Global Summit: 15–18 May, Chicago, IL
Upcoming Events
• Internet2 2016 Technology Exchange: 25-29 Sept, Miami, FL
• EDUCAUSE 2016 Annual Conference: 25-28 Oct, Anaheim, CA
• InCommon Shibboleth Workshop: 27-28 Oct, Long Beach, CA
• 2017 Internet2 Global Summit: 23–26 Apr, Washington, DC
• 2017 Open Apereo: 4-8 June, Philadelphia, PA
IAM Trends
• MFA for Shibboleth, CAS
○ Risk-based Adaptive AuthN
• OpenID Connect
• TIER: Packaging, APIs, Person Registry, ...
• SAML Integrations w/ O365 & ADFS
• Metadata Query (MDQ) Protocol
IAM Trends
• IAM in the Cloud
○ Hosted SSO services and more
○ Unicon’s offering: https://www.unicon.net/solutions/IAM-cloud
IDP | SP
Mike Grady
Unicon Contributions
News
● Identity Provider V2.4.5, OpenSAML 2.6.6
○ EOL !!!! V2 full End-Of-Life date was July 31, 2016
○ 2.4.4 was last 2.x “minimum safe release”
● Service Provider V2.6.0 Now Available
○ Includes a new version of the Xerces XML parser that addresses a security vulnerability in Apache Xerces-C XML Parser library versions prior to V3.1.4
Shibboleth Versions
● Latest versions:
○ IdP v3.2.1 (19 Dec 2015)
○ V3.1.1 considered “minimum safe release”
○ SP v2.6.0 (27 June 2016)
● v3.2.0 and v3.2.1 released
○ HTML5 local storage
○ SLO: Front channel SAML and CAS
○ SPNEGO authentication
○ Bug fixes
Shibboleth 2.x Lifetime
Now Past End-Of-Life …..
How soon that is a significant problem is unknown, could be tomorrow, could be months, but you need to have a plan to upgrade.
IdP: OpenID Connect
https://github.com/uchicago/shibboleth-oidc
● Authorization/Implicit Flow
● Dynamic Discovery
● Standard/Custom claims
● Certified by OpenID foundation for University of Chicago
Shib-CAS AuthN v3
https://github.com/Unicon/shib-cas-authn3
● v3.1.0
○ Shibboleth IdP v3.X support
○ Fixed encoding on entityId/service parameters.
● Plan to produce a version where attributes returned from CAS are available to the IdP, and the AuthN Context Class w.r.t MFA.
○ Info from CAS coming back is done, now need a “data connector” to expose it for use within the IdP
Other/Ongoing work
● Hazelcast Storage Service
https://github.com/UniconLabs/shibboleth-hazelcast-storage-service
● Duo Support for IdP v3
https://github.com/Unicon/shib-mfa-duo-auth
● Shib IdP as a Gradle Overlay
https://github.com/UniconLabs/shibboleth-idp-gradle-overlay
● IdP v3 powered by Docker
https://github.com/unicon/shibboleth-idp-dockerized
Other/Ongoing work
● Split Authn
○ Support for users coming from 2 different Authentication/Attribute sources in distinct config files, only one or the other used for Authn and Resolver for any given authentication.
○ Easy to “hard code” attributes based on source (“role”) chosen. “Role” choice on Login page.
○ Demo with 2 LDAP servers, but should work with any 2 sources
○ https://github.com/Unicon/ccc-shib-split-authn
Other/Ongoing work
● Coming Soon: Symantec VIP MFA
○ Token Authentication
○ OTP Authentication
○ Push Authentication
○ Risk based Authentication
○ Sponsored by the University of Wisconsin - Whitewater
○ Work done, but not yet “fully generalized” for open source
Shib IdP v3.3
● Next version of Shib IdP due by late 2016
● Improvements to logout options and accessibility aspects of such
● Adding in more built-in support for metadata filtering, more “conditionals”, etc.
● New login flow(s) allowing combining factors in what the Shib Dev core team believes will be a more manageable/predictable way
Shib IdP v3.3
● Looks like an “out-of-the-box” Duo flow will be part of it
● Unicon will need to determine if our current Duo plugin should be “retired” or updated for the new version.
○ Or if there are updates to the supplied one that make sense to add
● Unicon will need to verify and/or “modify” our other current authentication flow add-ons
Highlights
Dmitriy Kopylenko
Unicon Contributions
CAS v4.2
● v4.2.5 is the current version
○ Dynamic Plug-N-Play module configuration
○ ADFS/WS-FED delegated authN
○ UIs to manage SSO sessions/statistics
○ BASIC, JWT, Shiro, MongoDB, Stormpath authN
○ Couchbase, Ignite, Infinispan ticket registries
○ ABAC via attributes, time, or Grouper
● See http://jasig.github.io/cas/4.2.x/index.html
CAS v5.0.0
● Tentative release date: October 2016
● Current release: 5.0.0.RC1
● Major features:
○ MFA via DuoSecurity, RADIUS, YubiKey
■ Risk-based adaptive authN
○ SAML2 Web SSO support
○ OAuth/OIDC support
○ Full internal config re-architecture via Spring Boot
○ Java 8
Other/Ongoing work
● Auto config for CAS Java clients
https://github.com/Unicon/cas-client-autoconfig-support
● Delegated SAML authN for CAS 3.5.x
https://github.com/UniconLabs/cas-saml-auth
● Bootstrap CAS via a Gradle overlay:
https://github.com/UniconLabs/cas-strap
Further CAS Resources
● CAS maintenance policy: https://apereo.github.io/cas/developer/Maintenance-Policy.html
● Apereo Blog:
https://apereo.github.io/
John Gasper
Unicon Contributions
Grouper v2.3.0
● Can run multiple simultaneous Loader/Daemon instances
● WS: Manage attribute/permission defs; TIER authorization
● PSP-NG: New Grouper provisioner
○ LDAP and AD connectors built-in
● Exporting tree to GSH script.
● Lots of patches:
○ API: 24, UI: 8, WS: 5, PSP-NG: 2
Other/Ongoing work
● Internet2 Grouper Dockerized: Composable images/containers
https://github.com/Unicon/grouper-dockerized
● Grouper-Demo for Docker
https://hub.docker.com/r/unicon/grouper-demo/
● Custom Provisioning Target Form
https://github.com/Unicon/grouper-provisioning-target-ui
● Azure AD (Office 365) Provisioner
https://github.com/Unicon/office365-and-azure-ad-grouper-provisioner
Docker Demo
Grouper environment based on the composable images/container
Questions / Discussion
Mike Grady
mgrady@unicon.net
Dmitriy Kopylenko
dkopylenko@unicon.net
John Gasper
jgasper@unicon.net
2016 09-15 unicon-iam-update
Editor's Notes

  1. Unicon's CAS strategy
     * Participate directly in CAS
     * Develop open source software on behalf of clients
     * Inform maintenance development through support.
     You have to source your support somewhere
     * In-house staff
     * Goodwill and engagement of the community
     * Commercial partner (e.g., Unicon)
     * (Reality: often a combination of these)
     Unicon's "Cooperative" Support
     * Cooperates with you, your staff, the community
     * Support experiences yield improved public documentation
     * Support-inspired and subscriber-needs-guided open source maintenance development
       * Directly in and available for adoption with the Jasig CAS software
     Thank you to our support subscribers!
     * Support subscriptions make Unicon maintenance development possible
     * Support experiences and subscriber input guide Unicon maintenance development towards the worthwhile
  2. https://www.incommon.org/shibtraining/
  3. https://spaces.internet2.edu/display/Grouper/Grouper+2.3+Release+Announcement https://spaces.internet2.edu/display/Grouper/v2.3+Release+Notes