Home » FIM Service Bulletins

FIM Service Bulletins

Using SAML Proxying in the Shibboleth IdP to Connect with Azure AD

Disclaimer: You may find this solution here. It is a CANARIE contribution back to the international community. The most current version of this technical guide is located on the Shibboleth Wiki located here. The French version will be updated regularly on our website.

Read More...
blog arrowDate: January 22, 2021


Shibboleth v4 Upgrade Guidance

Regardless of the platform you use, keeping current on your Identity Provider (IdP) software is a vital factor in your organization’s security practices. This guidance highlights upcoming end-of-support in December 2020 for Shibboleth IdPs older than v4.0.1 and aims to assist navigating various upgrade pathways. As you plan your update, it is a great opportunity […]

Read More...
blog arrowDate: December 8, 2020


Security Bulletin for SAML2 Service Providers

A new flaw has been found in the XML processing performed by various SAML Service Providers. Advisory Summary The Shibboleth Service Provider software and other SAML implementations are vulnerable to forged user attribute data, which could facilitate user impersonation that exposes protected information. To mitigate the risk, we urge Service Providers participating in CAF or […]

Read More...
blog arrowDate: March 1, 2018


Security Advisory for Shibboleth Service Providers

A security advisory for the Shibboleth Service Provider software was published for both Linux and Windows platforms. The Shibboleth Service Provider software is vulnerable to forged user attribute data, which could facilitate user impersonation that exposes protected information. To mitigate the risk, we urge Service Providers participating in CAF or using the software local to […]

Read More...
blog arrowDate: January 31, 2018