Raven/Shibboleth: Difference between revisions

From RavenWiki
Jump to navigationJump to search
(→‎Software and reference: Shib SP in PHP)
No edit summary
 
(8 intermediate revisions by one other user not shown)
Line 1: Line 1:
{{New Docs}}
[[Image:ShibbolethLogoColor.png|right|Shibboleth logo]]
[[Image:ShibbolethLogoColor.png|right|Shibboleth logo]]


==Shibboleth information==
Shibboleth is an international development supporting authentication and authorisation for web-based applications, based on international standards. Raven has supported the Shibboleth protocol (in addition to the older, local [[Raven/Webauth | Webauth]] protocol) since September 2007.
 
===Background===
 
* [[A brief introduction to Shibboleth]]
* [https://spaces.internet2.edu/display/SHIB/ShibbolethGlossary Shibboleth Glossary]
* "Federated Security: The Shibboleth Approach", R. L. "Bob" Morgan, Scott Cantor, Steven Carmody, Walter Hoehn, and Ken Klingenstein -  [http://www.educause.edu/pub/eq/eqm04/eqm0442.asp as html]; [http://www.educause.edu/ir/library/pdf/eqm0442.pdf as pdf]
* Part 3 of "Web Services Security", Bilal Siddiqui, talks about SAML (the Security Assertions Markup Language) which is what underpins Shibboleth. [http://webservices.xml.com/pub/a/ws/2003/03/04/security.html Part 1] [http://webservices.xml.com/pub/a/ws/2003/04/01/security.html Part 2] [http://webservices.xml.com/pub/a/ws/2003/05/13/security.html Part 3] [http://webservices.xml.com/pub/a/ws/2003/07/22/security.html Part 4]
* [http://hdl.handle.net/1988/2771 John Paschoud's 'Shibboleth: Guide for SysAdmins']
* [http://www-uxsup.csx.cam.ac.uk/~jw35/courses/itliaison/shib/ Jon's IT Liaison Meeting presentation], Jan 2007
* Jon's Techlink presentation, May 2007 [http://www-uxsup.csx.cam.ac.uk/~jw35/courses/techlink/shib-intro/ as HTML], [http://www-uxsup.csx.cam.ac.uk/~jw35/courses/techlink/shib-intro/shib-intro.pdf as PDF]
 
===Organizations===
 
* [http://www.jisc.ac.uk/ JISC], and their [http://www.jisc.ac.uk/uploaded_documents/CMRoadmap03_05.doc Shibboleth plans] (MS Word format, sorry)
** [http://involve.jisc.ac.uk/wpmu/jam/ JISC Access Management Team Blog]
* [http://www.becta.org.uk/ BECTA]
* [http://www.ukfederation.org.uk/ The UK Access Management Federation]
 
===Shibboleth-compliant publishers===
 
* [http://www.ovid.com/ Ovid]
 
===Software and reference===
 
* [http://shibboleth.internet2.edu/ Internet2 Shibboleth Project]
* [http://www.guanxi.uhi.ac.uk/index.php/Guanxi:About Guanxi] (an alternative implementation)
* [http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security SAML]
* [http://www.educause.edu/eduperson/ EduPerson] (while Shib doesn't require the EduPerson LDAP schema, it does use it to define some attributes)
* Athens:
** [http://www.lib.cam.ac.uk/electronicresources/Access_Passwords.htm#Athens Local]
** [http://www.athensams.net/ From Eduserv]
* [http://www.switch.ch/aai/support/tools/arpviewer.html ArpViewer]
* [http://rnd.feide.no/2007/08/30/public-release-of-shibboleth-13-sp-written-in-php/ A Shib SP in PHP?]
 
==Shibboleth Development Project==
 
===Demo links===
 
UK Federation test targets (only the first will work from Lapwing):
* https://target.sdss.ac.uk/secure/index.html
* https://target.iay.org.uk:8446/secure/index.html
* https://target.iay.org.uk:8446/secure/printenv.cgi
* https://nevis.ed.ac.uk:8885/cgi-bin/printenv
 
Example SPs via Shib (not all guaranteed to be accessible from Cambridge):
* [https://spaces.internet2.edu/display/SHIB/WebHome Shibboleth Project Wiki]
* [https://weather.atomwide.com/ Atomwide Weather Project]
* [http://www.sciencedirect.com/ ScienceDirect]
* [http://www.filmandsound.ac.uk/ Film & Sound Online]
* [http://zetoc.mimas.ac.uk:8000/cgi-bin/shibb Zetoc Alert] (using SDDS SSL certificate; not from Lapwing)
* [http://zetoc.mimas.ac.uk:8000/cgi-bin/wzshib Zetoc Search] (dito)
* [http://www.jiscmail.ac.uk JISCMail] (see https://www.jiscmail.ac.uk/help/policy/shibmode.htm for details)
* [http://www.jvcs.ja.net/docs/bookingint.shtml JANET Videoconferencing Booking Service]
 
These and other SPs are listed on the UK Federation's [http://www.ukfederation.org.uk/content/Documents/AvailableServices Available Services] page.
 
* [https://mnementh.csi.cam.ac.uk/secure/ Local demo site] on mnementh
 
Example Athens content providers via Shib->Athens gateway:
 
* [https://auth.athensams.net/setorg.php?id=urn:mace:eduserv.org.uk:athens:provider:cam.ac.uk&ath_returl=https%3a%2f%2fwiki.csx.cam.ac.uk%2fraven%2fShibboleth Set HDDS cookie and come back here] (using setorg.php)
* [https://auth.athensams.net/setsite.php?id=urn:mace:eduserv.org.uk:athens:provider:cam.ac.uk&ath_dspid=ATHENS.MY&ath_returl=%2Fmy Set HDDS cookie and go to MyAthens] (using setsite.php)
 
[http://www.switch.ch/aai/support/tools/arpviewer.html ArpViewer]:
* [https://shib.raven.cam.ac.uk/arpviewer/useredit.jsp?standalone_next_url=https%3a%2f%2fwiki.csx.cam.ac.uk%2fraven%2fShibboleth  Reset ArpViewer login preferences]
 
===Project Documents===


* [[Shibboleth Attribute Usage and Derivation]]
; '''[[Shibboleth background and reference]]''' : links, mainly external, to background and reference information about Shibboleth and the Raven/Shibboleth service
* [[Assigning Athens permissions sets]]
; '''[[Shibboleth software]]''' : sources of software implementing the Shibboleth protocol
* [[Data Protection issues with Shibboleth]]
; '''[[Shibboleth documentation and HOWTOs]]''' : additional documentation and HOWTOs
* [[Shibboleth Attribute Release policy summary]]
* [[Shibboleth Attribute Release meta-Policy]]
* [[Using the Shibboleth to Athens Gateway]]
* [[Athens DA Protocol]]
* [[A University Shibboleth Glossary]]
* [[University IdP Terms and Conditions]]
* [[More on eduPersonPrincipleName]]

Latest revision as of 11:40, 3 March 2020

We're working on improving Raven resources for developers and site operators.

Try out the new Raven documentation for size.

Shibboleth logo

Shibboleth is an international development supporting authentication and authorisation for web-based applications, based on international standards. Raven has supported the Shibboleth protocol (in addition to the older, local Webauth protocol) since September 2007.

Shibboleth background and reference
links, mainly external, to background and reference information about Shibboleth and the Raven/Shibboleth service
Shibboleth software
sources of software implementing the Shibboleth protocol
Shibboleth documentation and HOWTOs
additional documentation and HOWTOs