Blackboard Learning System r6 and Shibboleth Barry Ribbeck U.Texas Health Science Center at Houston Christopher Etesse Blackboard Inc.

Slides:

Advertisements

Similar presentations

Federated Identity for Grid Architects Tom Scavo NCSA

Advertisements

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

College An insight Into the College VLE Graham Mason

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

ClearCube Data Failover 3.0 Overview and Demonstration Rev

Shibboleth: How It Relates to SAML Marlena Erdos Aug 27, 2001.

Federations in Texas Barry Ribbeck University of Texas Health Science Center at Houston.

EDINA 20 th March 2008 EDINA Geo/Grid - Security Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (

Shibboleth and InCommon Copyright Texas A&M University This work is the intellectual property of the author. Permission is granted for this material.

Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the.

Shibboleth Update a.k.a. “shibble-ware”

How To Batch Register Your Students

Shibboleth: New Functionality in Version 1 Steve Carmody July 9, 2003 Steve Carmody July 9, 2003.

Federated A(A(A))I Jens Jensen hepsysman, RAL,

Project Shibboleth Update, Demonstration and Discussion Michael R Gettes Duke University (on behalf of the entire shib team!!!) June.

Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.

AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

Mairéad Martin The University of Tennessee September 13, 2015 Federated Digital Rights Management.

Shibboleth Possible Features – Version 2 Steve Carmody July 9, 2003 Steve Carmody July 9, 2003.

TNC2004 Rhodes 1 Authentication and access control in Sympa mailing list manager Serge Aumont & Olivier Salaün May 2004.

7 October 2015 Shibboleth. Agenda  Shibboleth Background and Status  Why is Shibboleth Important (to Higher Ed)?  Current Pilots Course Management.

Shib-Grid Integrated Authorization (Shintau) George Inman (University of Kent) TF-EMC2 Meeting Prague, 5 th September 2007.

AAI-enabled VO Platform “VO without Tears” Christoph Witzig EGI TF, Amsterdam, Sept 15, 2010.

Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.

2005 © SWITCH Perspectives of Integrating AAI with Grid in EGEE-2 Christoph Witzig Amsterdam, October 17, 2005.

Shibboleth Update Michael Gettes Principal Technologist Georgetown University Ken Klingenstein Director Interne2 Middleware Initiative.

The DSpace Course Module – User management and authentication options.

David L. Wasley Office of the President University of California Shibboleth Safe delivery of reliable authorization data David L. Wasley University of.

Internet2 CAMP Shibboleth Scott Cantor (Hey, that’s my EPPN too.) Tom Dopirak Scott Cantor (Hey, that’s my.

Shibboleth On-line Authentication System Jon Browne Senior Consultant Drew Heald BSc (Hons), MPhil, MCP Systems Developer IBIS Business Consultants Ltd.

LGfL Update Stewart Duncan LGfL Technical Manager Ian Lehmann LGfL Operations Manager.

MAT U M A T U Middleware Assisted Take-Up Service For JISC Funded Early Adopters.

Internet2 Middleware Initiative Shibboleth Ren é e Shuey Systems Engineer I Academic Services & Emerging Technologies The Pennsylvania State University.

US of A and A Activities Ken Klingenstein, Director Internet2 Middleware Initiative.

Shibboleth: Installation and Deployment Scott Cantor July 29, 2002 Scott Cantor July 29, 2002.

Technical Topics for Deployed Campuses: Web SSO Will Norris University of Southern California.

1 Protection and Security: Shibboleth. 2 Outline What is the problem Shibboleth is trying to solve? What are the key concepts? How does the Shibboleth.

Internet 2 Weaving a Trust Fabric Shibboleth & PKI Spring 2003 Barry R Ribbeck University of Texas Health Science Center at.

OGF22 25 th February 2008 OGF22 Demo Slides Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland

Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.

Digital Diversity: Multi- institutional Access to Distributed Course Resources Barry Ribbeck UT HSC - Houston.

Portal Update Plan Ashok Adiga (512)

Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.

Mairéad Martin The University of Tennessee December 16, 2015 Federated Digital Rights Management.

Shibboleth Trust Model Shibboleth/SAML Communities (aka Federated Administrations) Club Shib Club Shib Application process Policy decision points at the.

Shibboleth & Federated Identity A Change of Mindset University of Texas Health Science Center at Houston Barry Ribbeck

Grid Security and Identity Management Mine Altunay Security Officer, Open Science Grid, Fermilab.

Attribute Delivery - Level of Assurance Jack Suess, VP of IT

Administrative Information Systems Shibboleth Install Session Technical Information Session for Developers Datta Mahabalagiri.

Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.

WebISO, Single Sign-On & Authorization General Overview Shelley Henderson Project Manager, Grid Software USC Information Services Copyright.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

Shibboleth 1.2 Technical Overview “So you thought 1.1 was complicated…” Scott Cantor The Ohio State University and Internet2 Scott Cantor.

Shibboleth for Middle Schools James Burger -

Shibboleth Use at the National e-Science Centre Hub Glasgow at collaborating institutions in the Shibboleth federation depending.

Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.

Shibboleth Project at GSU

CAS and Web Single Sign-on at UConn

e-Infrastructure Workshop 28th March 2006, University of Leeds

Scott Cantor April 10, 2003 Shibboleth and PKI Scott Cantor April 10, 2003.

What’s changed in the Shibboleth 1.2 Origin

Michael R Gettes, Duke University On behalf of the shib project team

Federated Digital Rights Management

BlackBoard 5 A Definitive e-Learning Software Platform Ozgur Balsoy,

Access eJournals Form Your Home

Shibboleth Deployment Overview

Presentation transcript:

Blackboard Learning System r6 and Shibboleth Barry Ribbeck U.Texas Health Science Center at Houston Christopher Etesse Blackboard Inc.

Blackboard Learning System Requirements –Shib 1.0 or greater* –Blackboard or higher Support –Shibboleth will be fully supported as a custom authentication option in Bb (currently in a limited Alpha release) Disclaimer –Limited support, tested only on Red Hat Linux andSun Solaris implementations

Connection Details User connecting to {shib(Bb)} is redirected to Wayf as expected Target requires eppn and eduPersonEntitlement If AA assertions are accepted, Bb remote user is populated with eppn –BbShibbolethAuthModule gets the remote user and creates the user object in BbLS Can be extended via “Bb Advanced Data and Authentication Manual” See next slide Bb can create user account in DB on login (User Account Generation on Gateway: Enable ) or it can be created a priori Currently, course admin must add user to respective courses manually or in batch process * * This assumes a particular database management model

Authentication Implementation BbShibbolethAuthModule.

Processes Get a list of eppns from remote site authority for proper assignment into BB and course Populate into BB Agree on assertion exchange for authZ Agree on what to do with the data after the course is completed

Yet to be done Standardization on value to populate remote user A way to mix local and shib users by redirection at portal by user choice or failover to Shib A way to utilize an assertion for adding a user to a course so that course managers do not have to add them manually Discussions about how to support remote users who are not under your institutions domain of control

Ongoing Work Standardized Course attributes in LDAP Shibboleth protected Portals Non-Web based shibboleth protected resources RBAC space

Shibboleth and Blackboard by Barry Ribbeck, UTHSC-Houston Home University Attribute Authority Authentication System (ISO/SSO/Cert) Handle Service Resource Provider SHIRE Allow HomeU AA SHAR Resource Manager Browser Federation WAYF SERVICE (IN COMMON) 1. I would like access? 3. Where are you from? 4. I am from HU, logged in? ORIGIN TARGET 5. Authenticate me to HU 2. Can you authenticate via my Wayf ? 7. Need eppn & eduPersonEntitlemnt for X? 6. AuthN ok send handle X to Target 8. Link Handle X to user and Lookup attributes RBAC Authorization System - LDAP (eduperson) 9. Attributes found and Released 10. If ARP allows, attributes are sent to Target. If attributes are sufficient, access is granted by Resource Manager on Target Bb remoteuser=eppn auto acct generation = off 11 Logged onto Bb Shib Software =

Educause Meeting If you are planning to be at Educause, and would like to get together to discuss BB/Shib at that meeting, contact Chris

References Official Bb documentation - soon Barry Ribbeck Director of Systems Integration University of Texas Health Science Center at Houston Christopher Etesse Senior Director of Technology Blackboard Inc.