Raven/Shibboleth: Difference between revisions

From RavenWiki
Jump to navigationJump to search
m (Shibboleth moved to Raven/Shibboleth)
(Reorganised and divided to mark the end of the Shib project and the start of the Raven/Shibboleth service)
Line 1: Line 1:
[[Image:ShibbolethLogoColor.png|right|Shibboleth logo]]
[[Image:ShibbolethLogoColor.png|right|Shibboleth logo]]


==Shibboleth information==
Shibboleth is an international development supporting authentication and authorisation for web-based applications, based on international standards. Raven has supported the Shibboleth protocol (in addition to the older, local [[Raven/Webauth | Webauth]] protocol since September 2007.


===Background===
; '''[[Shibboleth background and reference]]''' : links, mainly external, to background and reference information about Shibboleth and the Raven/Shibboleth service
 
; '''[[Shibboleth software]]''' : sources of software implementing the Shibboleth protocol
* [[A brief introduction to Shibboleth]]
; '''[[Shibboleth documentation and HOWTOs]]''' : additional documentation and HOWTOs
* [https://spaces.internet2.edu/display/SHIB/ShibbolethGlossary Shibboleth Glossary]
* "Federated Security: The Shibboleth Approach", R. L. "Bob" Morgan, Scott Cantor, Steven Carmody, Walter Hoehn, and Ken Klingenstein -  [http://www.educause.edu/pub/eq/eqm04/eqm0442.asp as html]; [http://www.educause.edu/ir/library/pdf/eqm0442.pdf as pdf]
* Part 3 of "Web Services Security", Bilal Siddiqui, talks about SAML (the Security Assertions Markup Language) which is what underpins Shibboleth. [http://webservices.xml.com/pub/a/ws/2003/03/04/security.html Part 1] [http://webservices.xml.com/pub/a/ws/2003/04/01/security.html Part 2] [http://webservices.xml.com/pub/a/ws/2003/05/13/security.html Part 3] [http://webservices.xml.com/pub/a/ws/2003/07/22/security.html Part 4]
* [http://hdl.handle.net/1988/2771 John Paschoud's 'Shibboleth: Guide for SysAdmins']
* [http://www-uxsup.csx.cam.ac.uk/~jw35/courses/itliaison/shib/ Jon's IT Liaison Meeting presentation], Jan 2007
* Jon's Techlink presentation, May 2007 [http://www-uxsup.csx.cam.ac.uk/~jw35/courses/techlink/shib-intro/ as HTML], [http://www-uxsup.csx.cam.ac.uk/~jw35/courses/techlink/shib-intro/shib-intro.pdf as PDF]
 
===Organizations===
 
* [http://www.jisc.ac.uk/ JISC], and their [http://www.jisc.ac.uk/uploaded_documents/CMRoadmap03_05.doc Shibboleth plans] (MS Word format, sorry)
** [http://involve.jisc.ac.uk/wpmu/jam/ JISC Access Management Team Blog]
* [http://www.becta.org.uk/ BECTA]
* [http://www.ukfederation.org.uk/ The UK Access Management Federation]
 
===Shibboleth-compliant publishers===
 
* [http://www.ovid.com/ Ovid]
 
===Software and reference===
 
* [http://shibboleth.internet2.edu/ Internet2 Shibboleth Project]
* [http://www.guanxi.uhi.ac.uk/index.php/Guanxi:About Guanxi] (an alternative implementation)
* [http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security SAML]
* [http://www.educause.edu/eduperson/ EduPerson] (while Shib doesn't require the EduPerson LDAP schema, it does use it to define some attributes)
* Athens:
** [http://www.lib.cam.ac.uk/electronicresources/Access_Passwords.htm#Athens Local]
** [http://www.athensams.net/ From Eduserv]
* [http://www.switch.ch/aai/support/tools/arpviewer.html ArpViewer]
* [http://rnd.feide.no/2007/08/30/public-release-of-shibboleth-13-sp-written-in-php/ A Shib SP in PHP?]
 
==Shibboleth Development Project==
 
===Demo links===
 
UK Federation test targets (only the first will work from Lapwing):
* https://target.sdss.ac.uk/secure/index.html
* https://target.iay.org.uk:8446/secure/index.html
* https://target.iay.org.uk:8446/secure/printenv.cgi
* https://nevis.ed.ac.uk:8885/cgi-bin/printenv
 
Example SPs via Shib (not all guaranteed to be accessible from Cambridge). These and other SPs are listed on the UK Federation's [http://www.ukfederation.org.uk/content/Documents/AvailableServices Available Services] page:
 
* [https://spaces.internet2.edu/display/SHIB/WebHome Shibboleth Project Wiki]
* [https://weather.atomwide.com/ Atomwide Weather Project]
* [http://www.sciencedirect.com/ ScienceDirect]
* [http://www.filmandsound.ac.uk/ Film & Sound Online] (click on 'via UK Federation')
* [http://edina.ac.uk/times-index/shibb.shtml Index to the Times] (click on 'via UK Federation')
* [http://zetoc.mimas.ac.uk:8000/cgi-bin/shibb Zetoc Alert]
* [http://zetoc.mimas.ac.uk:8000/cgi-bin/wzshib Zetoc Search]
* [http://www.jiscmail.ac.uk JISCMail] (see https://www.jiscmail.ac.uk/help/policy/shibmode.htm for details)
* [http://www.jvcs.ja.net/docs/bookingint.shtml JANET Videoconferencing Booking Service] (see http://www.jvcs.ja.net/vcng/help/shibboleth.shtml)
 
* [https://mnementh.csi.cam.ac.uk/secure/ Local demo site] on mnementh
 
Example Athens content providers via Shib->Athens gateway (or indeed almost any other Athens-protected resource - see http://www.lib.cam.ac.uk/electronicresources/):
 
* [http://auth.athensams.net/my/ MyAthens]
* [http://www.filmandsound.ac.uk/ Film & Sound Online] (click on 'via Athens')
* [http://edina.ac.uk/times-index/shibb.shtml Index to the Times] (click on 'via Athens')
 
===Project Documents===
 
* [[Shibboleth Attribute Usage and Derivation]]
* [[Assigning Athens permissions sets]]
* [[Data Protection issues with Shibboleth]]
* [[Shibboleth Attribute Release policy summary]]
* [[Shibboleth Attribute Release meta-Policy]]
* [[Using the Shibboleth to Athens Gateway]]
* [[Athens DA Protocol]]
* [[A University Shibboleth Glossary]]
* [[University IdP Terms and Conditions]]
* [[More on eduPersonPrincipleName]]

Revision as of 11:22, 8 October 2007

Shibboleth logo

Shibboleth is an international development supporting authentication and authorisation for web-based applications, based on international standards. Raven has supported the Shibboleth protocol (in addition to the older, local Webauth protocol since September 2007.

Shibboleth background and reference
links, mainly external, to background and reference information about Shibboleth and the Raven/Shibboleth service
Shibboleth software
sources of software implementing the Shibboleth protocol
Shibboleth documentation and HOWTOs
additional documentation and HOWTOs