Presentation on theme: "KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows."— Presentation transcript:
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows
Implementing Shibboleth at Kidderminster College Nearly 3 years ago we embarked on a JISC Core Middleware Shibboleth project Why? because we adopted an open source VLE and other technologies within the College Within the College we have always had a strong open source team JISC advocates open source technology
What will be the benefits of Shibboleth? Users will have a single sign-on using an institutional ID and password for a wide range of resources, as well as the assurance that their personal data will not be disclosed to third parties. LRC will be free of the burden of user name and password administration, and will have new tools for managing licenses and service subscriptions. IT Managers will have more control of the access management process, i.e. centralised access management using the college Active Directory/LDAP store Institutions will have a single service to meet the requirements of e-learning, e-research and library-managed resources.
Started with an IdP on Linux Box Although the Internet2 documentation was accurate in its description of how Shibboleth works The technical guidelines were generic and not specific, this was apparent in creating an “SP” The Project “Birth of KC-ROLO”
Get the Documentation in place Our main ally was documentation Log progress at each step With pre-written scripts to download Continually updating scripts
How we’re using Shibboleth To share internal VLEs with different sections To share VLEs with partner institutions To share learning objects with partner institutions via an Open Source repository Contains learning objects, NLN and custom materials Search front end protected by shibboleth, no code change Shibbolized repository submitter, only members of Kidderminster College with the “Staff” attribute can submit.
Benefits to the Users No multiple logins to put them off Access to resources at other sites provides greater choice of materials Students & staff can collaborate with members of other institutions
Federated Access Management?
What is Federated Access Management? Federated Access Management builds a trust relationship between Identity Providers (IdP) and Service Providers (SP). It devolves the responsibility for authentication to a user’s home institution, and establishes authorisation through the secure exchange of information (known as attributes) between the two parties.
There will be three options Become a full member of the UK Access Management Federation, using community-supported tools. Become a full member of the UK Access Management Federation, using tools with paid-for support. Subscribe to an ‘outsourced Identity Provider’ to work through the Federation on your behalf, such as continued use of Athens with the gateways.
A little confusing? What does this mean to the college? Option 1. College will have a server in-house installed with Shibboleth IdP (Identity Provider) and linked to their Active Directory or LDAP store, supported by the College ICT Services. Options 2. College purchases the server, (this is were we have been active in carrying out this service for college’s) –install Shibboleth –link to your AD/LDAP store, provide Technical support and documentation. Options 3. College will pay Athens a subscription cost to external supplier and an internal administration role.