Presentation is loading. Please wait.

Presentation is loading. Please wait.

Campuses New to Shibboleth: WebSSO Barry Johnson

Published byDelilah Terry Modified over 9 years ago

Similar presentations

Presentation on theme: "Campuses New to Shibboleth: WebSSO Barry Johnson"— Presentation transcript:

1 Campuses New to Shibboleth: WebSSO Barry Johnson hbj@clemson.edu

2 Who is this guy? 18 years with Clemson IT Director of Services Engineering Developer and Sysadmin at heart Creator of Clemson’s current WebSSO system

3 “We aren't doing science here, we're just trying to get people logged on" - Mike Marshall

4 Overview Why use Shib? How does it work? Getting Started Installation The Experience Info for Developers

5 Why use Shib for SSO? Multi-platform Built on proven technologies An enabler secure collaboration

6 How does it work?

7 What do I need to get started? A solid identity store for Authentication LDAP SQL A good API Server Resources for the IDP Good Sysadmins Apache, Tomcat, IIS, XML, PKI

8 Installation IDP – Identity Provider SP – Service Provider

9 Installation: IDP Install Apache Install Tomcat Front IDP with Apache and delegate authentication to Apache Configure trust idp.xml, arp.xml, etc... https://spaces.internet2.edu/display/SHIB/InstallingShibboleth

10 Installation: SP LAMP: Apache module and a daemon IIS: ISAPI module and service Configure trust shibboleth.xml, aap.xml, etc... https://spaces.internet2.edu/display/SHIB/InstallingShibboleth

11 Shib: The Experience Users They may thank you, or they may not even notice Developers If they already delegate authentication to the server, they may not notice either If they currently handle authentication themselves, they may love or hate you. Security & Sysadmins They'll thank you later

12 Developers Who is logged in? User information is in the headers PHP: $_SERVER['REMOTE_USER'] ASP: Request.ServerVariables("REMOTE_USER") JSP: request.getHeader("REMOTE_USER") Perl: $ENV{"REMOTE_USER"} http://shib.kuleuven.be/download/sp/test_scripts/

13 Again, why Shib? So much more than WebSSO Enabler for secure collaboration sharing web resources beyond your institution Tool for implementing privacy policies clearing house for user attributes Tool for role-based authorization enables fine-grained control based on user attributes

14 Learn more Come to our next session: June 26 Tuesday 10:15-11:30 Campuses New to Shibboleth: Attribute Delivery On-line resources: http://shibboleth.internet2.edu

15 Questions?

Download ppt "Campuses New to Shibboleth: WebSSO Barry Johnson"

Similar presentations

MyProxy Jim Basney Senior Research Scientist NCSA

MyProxy Jim Basney Senior Research Scientist NCSA
Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.

Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Eunice Mondésir Pierre Weill-Tessier 1 Federated Identity with Ping Federate Project Supervisor: M. Maknavicius-Laurent ASR Coordinator: G. Bernard ASR.

Eunice Mondésir Pierre Weill-Tessier 1 Federated Identity with Ping Federate Project Supervisor: M. Maknavicius-Laurent ASR Coordinator: G. Bernard ASR.
Shibboleth at Newcastle Caleb Racey Webteam ISS Shibboleth experiences Program  Background  What shib has enabled  Benefits of shib  How to do shib.

Shibboleth at Newcastle Caleb Racey Webteam ISS Shibboleth experiences Program  Background  What shib has enabled  Benefits of shib  How to do shib.
Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.

Connect. Communicate. Collaborate The eduGAIN Way Diego R. Lopez - RedIRIS.
UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.

UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Case Study: Newcastle University

Case Study: Newcastle University
Infrastructure for Multi-Professional Education and Training Using Shibboleth.

Infrastructure for Multi-Professional Education and Training Using Shibboleth.
Blackboard Building Blocks Authentication Overview Tuesday, June 30, 2015 Tom Joyce, Product Manager, Platform Architecture & Database.

Blackboard Building Blocks Authentication Overview Tuesday, June 30, 2015 Tom Joyce, Product Manager, Platform Architecture & Database.
1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.

1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.
Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March 3. 2008.

Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March
Grouper UI Part 1 Shilen Patel Duke University This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

Grouper UI Part 1 Shilen Patel Duke University This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
1 SANS Technology Institute - Candidate for Master of Science Degree 1 STRIDE towards 2-factor Web SSO Rich Graves October 2014 GIAC GSE, GCIA, GCIH, GPEN,

1 SANS Technology Institute - Candidate for Master of Science Degree 1 STRIDE towards 2-factor Web SSO Rich Graves October 2014 GIAC GSE, GCIA, GCIH, GPEN,
AAI with simpleSAMLphp

AAI with simpleSAMLphp
Claims Based Authentication

Claims Based Authentication
A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s.

A case study of Shibboleth deployment within the U.T. System June 26, 2006 Paul Caskey University of Texas System Copyright Paul Caskey 2006 Not Your Father’s.
3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

Similar presentations

Ads by Google