Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.

Similar presentations


Presentation on theme: "Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008."— Presentation transcript:

1 Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008

2 Shibboleth The technology behind UCTrust A Federated Single Sign-on Software Open Source; developed by Internet2 Allows selective release of user information, based on home institutions data release policy

3 Single Sign-On Allows access to protected online resources Users logs in only once Reduced administration Increased Security

4 Federated Single Sign-On across institutions User logs in using her home institutions login ID to outside resources Federation helps with coordinating policy and practices among participants UC Trust

5 Shibboleth Components Service Provider The client side Lives on your web server Handles authentication and access requests for your web server Modules available for Apache and IIS. SP

6 Shibboleth Components Identity Provider The Server side Typically one per campus Responds to SP requests Logs in users Answer attribute query requests IdP

7 Shibboleth Components Where Are You From Location Discover Service in Shibboleth 2.0 Lets user choose his/her home organization WAYF

8 Shibboleth in Action Associate Professor in Linguistics Bob needs to make travel arrangements for his upcoming conference Bob

9 Shibboleth in Action IdP SP Web App web server 1 Bob visits the UC Travel Portal. 1

10 Shibboleth in Action IdP SP Web App web server 2 1 Bob isnt logged in. The SP intercepts the request and redirects Bob to a campus IdP to login. 2

11 Shibboleth in Action IdP SP Web App web server 2 1 Oops! We dont know where Bobs from. SP sends Bob to WAYF so Bob can choose tell us who is his home campus. WAYF 3 3

12 Shibboleth in Action IdP SP Web App web server 2 1 Bob picks his campus. Now we can go to his home IdP. WAYF 3 4 4

13 Shibboleth in Action IdP SP Web App web server Bob logs in at his home campuss IdP. WAYF 3 4 5

14 Shibboleth in Action IdP SP Web App web server The IdP processs the login attempt. If successful, it sends Bob, along with information about Bob, back to the SP. WAYF 3 4 6

15 Shibboleth in Action IdP SP Web App web server SP now has proof that Bob has successfully logged in. It forwards Bobs request onto the Travel Portal. WAYF 3 4 7

16 Shibboleth in Action IdP SP Web App web server WAYF 3 4

17 Shibboleth Home IAMUCLA https://spaces.ais.ucla.edu/iamucla Shibboleth Connector for Confluence oleth+Authenticator+for+Confluence TestShib

18 Installing a SP Demonstration

19 Shibboleth in Action IdP SP Web App web server Describe whats going on on this slide WAYF 3 4 1

20 Shibboleth in Action IdP SP Web App web server


Download ppt "Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008."

Similar presentations


Ads by Google