CANARIE - Canadian Access Federation

Shibboleth

Shibboleth is open-source software developed mainly by the Internet2 organization in the US. It is designed to provide federated access to web resources at participating institutions and is mainly based on the Security Assertion Markup Language (SAML) protocol. SAML provides a non-proprietary technology framework for the secure exchange of authentication and authorization information across organizational boundaries.

  • Students, educators and researchers access many resources and services over the Internet using a web browser. 
  • In the past, access to controlled-access applications required authentication, typically using an id and password maintained by each application provider. Not only did the provider have to maintain credentials for all their clients, but users had to remember these additional credentials. More importantly, users' personal information was stored by many organizations they had limited relationships with.
  • With Shibboleth, the user is granted access to a remote application based on verification of their credentials (id/password) at their home institution. The service provider is provided only pre-approved personal information necessary to provide the service. Changes by the home institution to the credentials or personal information are automatically reflected on subsequent transactions.
  • Because the home institution controls user authentication, single sign-on can be implemented. Once the user’s identity has been verified, the home institution can automatically and transparently authenticate access for other services. The user can then access other services without having to log in again.
  • Shibboleth, developed by the Internet2 community in the United States, implements a standardized protocol for access management (SAML) that is being adopted by education and commercial sectors in many countries. See www.shibboleth.internet2.edu