
Shibboleth 2.0 IdP Training: Introduction


rpreece

Presentation Transcript


  1. Shibboleth 2.0 IdP Training: Introduction • January, 2009

  2. Before Lunch: Introduction • IdP Basics and Installation
     After Lunch: Authentication • Attributes • Productionalization

  3. Federated Identity Management • Distributed identity management system • Enterprises trust each other to provide information • Security/privacy protection

  4. Shibboleth • Open source enterprise federated single sign-on software • Project started in 2000, first release 2003 • Current version 2.1 • Standards based (SAML) • Widely used in education & government environments

  5. SAML • Security Assertion Markup Language • XML-based standard for authentication and authorization data interchange • Identity Provider – producer of assertions • Service Provider – consumer of assertions • Current Version: 2.0 • Shibboleth 2.0 implements SAML 2.0

  6. How it works • The user tries to access a protected application • The user tells the application where they are from • The user logs in at “home” • The user’s home tells the application about the user • The application accepts or rejects the user

  7. How it works

  8. How it works (Shibboleth 2)

  9. How it works (Shibboleth 1.3)

  10. How it works (Demo)

  11. Shibboleth Identity Provider (IdP) • Java Servlet application • Runs in any Java Servlet 2.4 container • Does not contain attributes or logins • Connects to authoritative sources

  12. What uses Shibboleth? • Microsoft Dreamspark • Apple iTunesU • Elsevier ScienceDirect • ExLibris MetaLib • Google Apps • ...lots more...

  13. Federations • Trusted communities with common user bases and applications • Can provide metadata, rules, auditing, advertising of services, etc. • Not required for Shibboleth

  14. Federation for CHECO • TBD
