Shibboleth in Switzerland: Internet2 Spring Meeting 2004, Thomas Lenggenhager (© 2004 SWITCH)

Presentation transcript:

Slide 1: Shibboleth in Switzerland
Internet2 Spring Meeting 2004, Thomas Lenggenhager

Overview
- SWITCH & SWITCHaai Project
- SWITCHaai Federation
- Virtual Home Organizations
- Shibbolizing WebCT with the AAI-Portal

Slide 2: SWITCH
SWITCH – The Swiss Education & Research Network
- a foundation of the federal and regional governments
- provides connectivity: redundant dark-fiber based backbone
- and network services for Swiss universities: AAI, video conference, mail gateways, …
- 12 universities: 110’000 students, 47’000 faculty & staff
- 7 universities of applied sciences: 36’000 students, 17’000 faculty & staff
- Swiss population ~ 7 million

Slide 3: SWITCHaai
SWITCHaai – Authentication & Authorization Infrastructure
- Shibboleth selected as architecture in mid 2003
- current status: migration from pilot to production service
- 5 Home Organizations at bigger universities
- SWITCH HomeOrg & Virtual Home Organization (VHO)
- 3 e-learning resources in use by students
- public demo resources

Slide 4: SWITCHaai Federation
- SWITCH acts as federation service provider
- Federation membership based on signed service agreements

Slide 5: Virtual Home Organization – VHO
Problem: Users without a shibbolized Home Org
- What shall they do?
Solution: Virtual Home Organization
- The exception, not the rule!
- Minimal information
- Clearly marked as special users through swissEduPersonHomeOrganizationType = vho
- use of entitlement attribute for authorization
- Project/resource oriented
- Users managed by the project/resource owner
- One user might have multiple identities

Slide 6: The AAI-Portal
- Developed by an e-learning project in Switzerland
- needs user management
- easy authorization control for various applications -> concept with back-end adaptors
- uses Apache, PHP and MySQL
- is open source
- was the first shibbolized application in Switzerland

Slide 7: Shibboleth-enabled WebCT Servers
[Diagram labels: Shibboleth, AAIportal, WebCT CE Adaptor, WebCT Vista Adaptor, WebCT CE, WebCT Vista; legend: once per session / session itself]

Slide 8: Shibbolized WebCT-login process
1) Shibboleth protected login
2) Create/modify user course membership
3) Redirect with e-ticket
4) Automatic WebCT login with e-ticket

e-ticket = hash of WebCT URL, UserID & shared secret with WebCT

[Diagram labels: Shibboleth, AAIportal, WebCT Vista Adaptor, WebCT Vista, WebCT IMS API, WebCT Standard API; legend: once per session / session itself]
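
The e-ticket from slide 8, sketched as an added example (not the AAI-Portal's or WebCT's own code): the portal computes a keyed hash over the WebCT URL and UserID, and the receiving side recomputes and compares it. HMAC-SHA256, the length-prefixed field encoding, and all function names and sample values are assumptions; the slide only says "hash of WebCT URL, UserID & shared secret".

```python
import hashlib
import hmac

# Constructed sample values, not taken from the presentation.
SECRET = b"example-shared-secret"
URL = "https://webct.example.org/vista/login"
USER = "jdoe@example.ch"


def _encode(url: str, user_id: str) -> bytes:
    # Length-prefix each field so that moving characters between the URL
    # and the UserID can never yield the same input (assumed encoding).
    parts = []
    for field in (url, user_id):
        raw = field.encode("utf-8")
        parts.append(len(raw).to_bytes(4, "big") + raw)
    return b"".join(parts)


def make_eticket(url: str, user_id: str, secret: bytes) -> str:
    """Portal side: keyed hash over URL and UserID (HMAC is an assumption)."""
    return hmac.new(secret, _encode(url, user_id), hashlib.sha256).hexdigest()


def verify_eticket(ticket: str, url: str, user_id: str, secret: bytes) -> bool:
    """Receiving side: recompute the ticket and compare in constant time."""
    expected = make_eticket(url, user_id, secret)
    return hmac.compare_digest(expected.encode(), ticket.encode("utf-8"))


def demo() -> dict:
    ticket = make_eticket(URL, USER, SECRET)
    return {
        "valid": verify_eticket(ticket, URL, USER, SECRET),
        "other_user": verify_eticket(ticket, URL, "admin@example.ch", SECRET),
        "wrong_secret": verify_eticket(ticket, URL, USER, b"guess"),
        # Same characters overall, split differently between the two fields.
        "shifted_fields": verify_eticket(ticket, URL + "j", USER[1:], SECRET),
    }


if __name__ == "__main__":
    print(demo())
```

With only these three inputs the ticket is identical on every login for the same user and URL; the slide does not say whether WebCT adds a timestamp or nonce.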