• Home

  • Documents

  • Introduction to Shibboleth and the IAMSECT Project
24
http://iamsect.ncl.ac.uk/ Introduction to Shibboleth and the IAMSECT Project

Introduction to Shibboleth and the IAMSECT Project

Embed Size (px)

DESCRIPTION

Introduction to Shibboleth and the IAMSECT Project. What is Shibboleth?. Authentication management Authorisation management (Open Source) Software A decentralised, key-based trust model Web-based. Overview. Users and Services, now Users and Services, with Shibboleth ID Providers - PowerPoint PPT Presentation

Citation preview

Page 1: Introduction to Shibboleth and the IAMSECT Project

http://iamsect.ncl.ac.uk/

Introduction to Shibboleth and the IAMSECT Project

Page 2: Introduction to Shibboleth and the IAMSECT Project

2

http://iamsect.ncl.ac.uk/

What is Shibboleth?

• Authentication management

• Authorisation management

• (Open Source) Software

• A decentralised, key-based trust model

• Web-based

Page 3: Introduction to Shibboleth and the IAMSECT Project

3

http://iamsect.ncl.ac.uk/

Overview

• Users and Services, now• Users and Services, with Shibboleth• ID Providers• The IAMSECT Project

• Demonstration #1 - Shibboleth & BB• Demonstration #2 – BIOSIS (live)• Questions

Page 4: Introduction to Shibboleth and the IAMSECT Project

4

http://iamsect.ncl.ac.uk/

Users and Services - now

• Many username & password pairs

• Tools to manage them• Means of Coping

• Managing user lists• ‘remote users’• Keeping up-to-date

Users Services

•Confidentiality•Security

Page 5: Introduction to Shibboleth and the IAMSECT Project

5

http://iamsect.ncl.ac.uk/

User and Services - Shibboleth

• One Home institution• One username and

password

• No user lists• Federations

Users Services

How?

Page 6: Introduction to Shibboleth and the IAMSECT Project

6

http://iamsect.ncl.ac.uk/

Identity Providers

• Assert someone’s identity

• You want your users to access remote services• Only worry about your own users

Page 7: Introduction to Shibboleth and the IAMSECT Project

7

http://iamsect.ncl.ac.uk/

Federations

• Groups of Identity & Service Providers

• A set of agreed policies

• Mutual trust (via symmetric keys)

Page 8: Introduction to Shibboleth and the IAMSECT Project

8

http://iamsect.ncl.ac.uk/

IAMSECT

• Inter-institutional Authorisation Management to Support eLearning with reference to Clinical Teaching

Page 9: Introduction to Shibboleth and the IAMSECT Project

9

http://iamsect.ncl.ac.uk/

IAMSECT

• JISC funded

• Collaboration between Durham, Northumbria, Newcastle

• Shibboleth isn’t trivial

• Technical issues

• Managerial issues

• Confidentiality - Clinical Teaching

Page 10: Introduction to Shibboleth and the IAMSECT Project

10

http://iamsect.ncl.ac.uk/

Demonstration #1 (theoretical)

• At present, theoretical

• Durham Blackboard (Service Provider)• Newcastle login (Identity Provider)

Page 11: Introduction to Shibboleth and the IAMSECT Project

11

http://iamsect.ncl.ac.uk/

Demonstration #1

Page 12: Introduction to Shibboleth and the IAMSECT Project

12

http://iamsect.ncl.ac.uk/

User attempts to access Service

Page 13: Introduction to Shibboleth and the IAMSECT Project

13

http://iamsect.ncl.ac.uk/

http://duo.dur.ac.uk/

Page 14: Introduction to Shibboleth and the IAMSECT Project

14

http://iamsect.ncl.ac.uk/

User redirected to ‘WAYF’

Page 15: Introduction to Shibboleth and the IAMSECT Project

15

http://iamsect.ncl.ac.uk/

https://wayf.sdss.ac.uk/shibboleth-wayf/...

Page 16: Introduction to Shibboleth and the IAMSECT Project

16

http://iamsect.ncl.ac.uk/

User selects their Identity Provider

Page 17: Introduction to Shibboleth and the IAMSECT Project

17

http://iamsect.ncl.ac.uk/

https://weblogin.ncl.ac.uk/cgi-bin/index.cgi

Page 18: Introduction to Shibboleth and the IAMSECT Project

18

http://iamsect.ncl.ac.uk/

I.P. authenticates User

Active Directory

Page 19: Introduction to Shibboleth and the IAMSECT Project

19

http://iamsect.ncl.ac.uk/

User redirected back to Service

Active Directory

Page 20: Introduction to Shibboleth and the IAMSECT Project

20

http://iamsect.ncl.ac.uk/

https://shib.ncl.ac.uk/shibboleth/HS?...

Page 21: Introduction to Shibboleth and the IAMSECT Project

21

http://iamsect.ncl.ac.uk/

User accesses Service

Active Directory

Page 22: Introduction to Shibboleth and the IAMSECT Project

22

http://iamsect.ncl.ac.uk/

http://duo.dur.ac.uk/

Page 23: Introduction to Shibboleth and the IAMSECT Project

23

http://iamsect.ncl.ac.uk/

Demonstration #2 (live)

• EDINA BIOSIS e-journal Service

• SDSS federation WAYF

• Newcastle Identity Provider

Page 24: Introduction to Shibboleth and the IAMSECT Project

24

http://iamsect.ncl.ac.uk/

Questions


Shibboleth Update Michael R Gettes, Duke University On behalf of the shib project team

Shibboleth Update Michael R Gettes, Duke University On behalf of the shib project team

Documents
Shibboleth at Newcastle

Shibboleth at Newcastle

Documents
Shibboleth at Cardiff University Lindsay Roberts Project Manager – Shibboleth Implementation Phase 2

Shibboleth at Cardiff University Lindsay Roberts Project Manager – Shibboleth Implementation Phase 2

Documents
Shibboleth Identity Provider (IdP) - CLARIN · Shibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de. CLARIN AAI Shibboleth Workshop 2 Integrating your local

Shibboleth Identity Provider (IdP) - CLARIN · Shibboleth Identity Provider (IdP) Sebastian Rieger [email protected]. CLARIN AAI Shibboleth Workshop 2 Integrating your local

Documents
Interoperability Shibboleth - gLite

Interoperability Shibboleth - gLite

Documents
Shibboleth: Molecules, Music, and Middleware. Outline ● Terms ● Problem statement ● Solution space – Shibboleth and Federations ● Description of Shibboleth

Shibboleth: Molecules, Music, and Middleware. Outline ● Terms ● Problem statement ● Solution space – Shibboleth and Federations ● Description of Shibboleth

Documents
Federated Shibboleth, OpenID, oAuth, and Multifactor Shibboleth, OpenID, oAuth, and Multifactor | 1 Federated Shibboleth, OpenID, oAuth, and Multifactor Russell Beall Senior Programmer/Analyst

Federated Shibboleth, OpenID, oAuth, and Multifactor Shibboleth, OpenID, oAuth, and Multifactor | 1 Federated Shibboleth, OpenID, oAuth, and Multifactor Russell Beall Senior Programmer/Analyst

Documents
Shibboleth and CU

Shibboleth and CU

Documents
Shibboleth LDAP Backend

Shibboleth LDAP Backend

Documents
Shibboleth Archive

Shibboleth Archive

Documents
Introduction to Shibboleth - SWITCH...• •SAML 2.0 • SSO ... Introduction to Shibboleth - Shibboleth Training 2015 Author: SWITCHaai Created Date: 20151015071708Z

Introduction to Shibboleth - SWITCH...• •SAML 2.0 • SSO ... Introduction to Shibboleth - Shibboleth Training 2015 Author: SWITCHaai Created Date: 20151015071708Z

Documents
Shibboleth Setup

Shibboleth Setup

Documents
Shibboleth Tutorial

Shibboleth Tutorial

Documents
Shibboleth Roadmap -- 2005

Shibboleth Roadmap -- 2005

Documents
Lenya and Shibboleth

Lenya and Shibboleth

Economy & Finance
ProQuest Pivot now supports Shibboleth S · 2017-10-23 · ProQuest Pivot now supports Shibboleth Single Sign-On. What is Shibboleth? Shibboleth is the world's most widely deployed

ProQuest Pivot now supports Shibboleth S · 2017-10-23 · ProQuest Pivot now supports Shibboleth Single Sign-On. What is Shibboleth? Shibboleth is the world's most widely deployed

Documents
Shibboleth and the IAMSECT Project

Shibboleth and the IAMSECT Project

Documents
Overview of Shibboleth Service - University of …...Overview of Shibboleth Service Shibboleth is an open source software package, maintained by Internet2, which establishes standards

Overview of Shibboleth Service - University of …...Overview of Shibboleth Service Shibboleth is an open source software package, maintained by Internet2, which establishes standards

Documents
download.microsoft.com€¦  · Web viewAs a Shibboleth and OpenSAML project developer, and a deployer of the Shibboleth software at The Ohio State University, I’m excited and

download.microsoft.com€¦  · Web viewAs a Shibboleth and OpenSAML project developer, and a deployer of the Shibboleth software at The Ohio State University, I’m excited and

Documents
Shibboleth Identity Provider Version 3 IAM Online March 11, 2015 Scott Cantor, Shibboleth Development Team Marvin Addison, Shibboleth Development Team

Shibboleth Identity Provider Version 3 IAM Online March 11, 2015 Scott Cantor, Shibboleth Development Team Marvin Addison, Shibboleth Development Team

Documents
Introduction to Shibboleth

Introduction to Shibboleth

Documents
Holly Eggleston, UCSD Shibboleth and Library Resources InCommon Library/Shibboleth Project

Holly Eggleston, UCSD Shibboleth and Library Resources InCommon Library/Shibboleth Project

Documents
Shibboleth Identity Provider

Shibboleth Identity Provider

Documents
Shibboleth & Federations

Shibboleth & Federations

Documents
Shibboleth 2.0: 6 months later… Shibboleth 2.0 -- Again Nate Klingenstein ndk@internet2.edu

Shibboleth 2.0: 6 months later… Shibboleth 2.0 -- Again Nate Klingenstein [email protected]

Documents
David Kennedy, UMD Shibboleth and Library Resources Internet2 Library/Shibboleth Project

David Kennedy, UMD Shibboleth and Library Resources Internet2 Library/Shibboleth Project

Documents
Shibboleth and INSPIRE

Shibboleth and INSPIRE

Technology
7 October 2015 Shibboleth. Agenda Shibboleth Background and Status Why is Shibboleth Important (to Higher Ed)? Current Pilots Course Management

7 October 2015 Shibboleth. Agenda Shibboleth Background and Status Why is Shibboleth Important (to Higher Ed)? Current Pilots Course Management

Documents
Shibboleth SP Logout Support - Shibboleth Training …...Current state of SLO in Shibboleth Shibboleth Service Provider 2.5.x • Supports local and global logout Shibboleth Identity

Shibboleth SP Logout Support - Shibboleth Training …...Current state of SLO in Shibboleth Shibboleth Service Provider 2.5.x • Supports local and global logout Shibboleth Identity

Documents
Shibboleth Update

Shibboleth Update

Documents