Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008.

Slides:



Advertisements
Similar presentations
Shibboleth and UKAMF-FEAR not as scary as it sounds! Rhys Smith Cardiff University.
Advertisements

Lousy Introduction into SWITCHaai
Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.
Options for integrating the JANET Roaming Service (JRS) and Shibboleth Tim Chown University of Southampton (UK) JISC Access Management.
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Introduction to Shibboleth and the IAMSECT Project.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
Brown University Shibboleth at Brown University James Cramton April 2, 2009 Copyright © James Cramton 2009 This work is the intellectual property of the.
Eunice Mondésir Pierre Weill-Tessier 1 Federated Identity with Ping Federate Project Supervisor: M. Maknavicius-Laurent ASR Coordinator: G. Bernard ASR.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.
Infrastructure for Multi-Professional Education and Training Using Shibboleth.
NJVid New Jersey Video Portal 1 Grant partners. NJVid New Jersey Video Portal 2 NJTrust - New Jersey Identity Trust Federation NJViD Advisory Board Meeting.
Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for Developers Datta Mahabalagiri March
Shibboleth-intro-dec051 Shibboleth A Technical Overview Tom Scavo NCSA.
AAI with simpleSAMLphp
SWITCHaai Team Introduction to Shibboleth.
Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.
External Identity and Authorization in GENI. Topics Federated identity and virtual organizations ABAC Creating and transporting attributes.
Integrating with UCSF’s Shibboleth system
USCGrid A (Very Quick) Introduction To PubCookie
Shibboleth and Grids Oxford Internet Institute, Oxford e-Science Centre and e-Horizons Institute Mark Norman 10 May 2006.
ArcGIS Server and Portal for ArcGIS An Introduction to Security
SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.
Michael Ghens Information Systems Specialist Santa Barbara City College.
Shibboleth for Real Dave Kennedy
User Provisioning Project Presented to ITLC September 28, 2010 David Walker, ITAG Co-Chair Information and Educational Technology, UC Davis Mary Doyle,
Shibboleth at the U of M Christopher A. Bongaarts code-people June 2, 2011.
ShibGrid: Shibboleth access to the UK National Grid Service University of Oxford and STFC.
LGfL Update Stewart Duncan LGfL Technical Manager Ian Lehmann LGfL Operations Manager.
Federated Identity and Shibboleth Concepts Rick Summerhill Chief Technology Officer Internet2 GEC3 October 29, 2008 Slides by Nate Klingenstein
Shibboleth: An Introduction
Internet2 Middleware Initiative Shibboleth Ren é e Shuey Systems Engineer I Academic Services & Emerging Technologies The Pennsylvania State University.
1 Protection and Security: Shibboleth. 2 Outline What is the problem Shibboleth is trying to solve? What are the key concepts? How does the Shibboleth.
Administrative Information Systems Shibboleth: The Next Generation ISIS Technical Information Session for ISIS Developers January 30, 2007.
OGF22 25 th February 2008 OGF22 Demo Slides Prof. Richard O. Sinnott Technical Director, National e-Science Centre University of Glasgow, Scotland
Shibboleth at the U of M Christopher A. Bongaarts net-people March 10, 2011.
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Services Information University Project Sentinel Middleware & Identity Management for the Health Sciences Chad La Joie Georgetown University.
Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.
PAPI: Simple and Ubiquitous Access to Internet Information Services JISC/CNI Conference - Edinburgh, 27 June 2002.
Shibboleth & Grid Integration STFC and University of Oxford (and University of Manchester)
Campuses New to Shibboleth: WebSSO Barry Johnson
Administrative Information Systems Shibboleth Install Session Technical Information Session for Developers Datta Mahabalagiri.
Shibboleth at USMAI David Kennedy Spring 2006 Internet2 Member Meeting, April 24-26, 2006 – Arlington, VA.
Shibboleth for Middle Schools James Burger -
1 Identities and Federation: The Next IT Wave (The Canadian Access Federation) Rick Bunt President The Canadian University Council of CIOs (CUCCIO)
Shibboleth Use at the National e-Science Centre Hub Glasgow at collaborating institutions in the Shibboleth federation depending.
Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.
Community Sign-On and BEN. Table of Contents  What is community sign-on?  Benefits  How it works (Shibboleth)  Shibboleth components  CSO workflow.
Shibbolizing uPortal and a Path for Delegated Authentication with Shibboleth Tom Barton, Scott Cantor, and Andrew Petro The Ohio State University, University.
Shibbolizing uPortal and a Path for Delegated Authentication with Shibboleth Tom Barton, Scott Cantor, and Andrew Petro The Ohio State University, University.
David Millman—Columbia January 2005
Shibboleth Architecture
Introducing Access Management
Single Sign-On Led by Terrice McClain, Jen Paulin, & Leighton Wingerd
Federation Systems, ADFS, & Shibboleth 2.0
CAS and Web Single Sign-on at UConn
Prime Service Catalog 12.0 SAML 2.0 Single Sign-On Support
Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)
A Business Case for Identity Management in Higher Education
Overview and Development Plans
Agenda Introductions Brief review of our project charge
Central Authentication Service
Today Introducing IAMUCLA ISIS to Shibboleth Migration
Shibboleth 2.0 IdP Training: Introduction
User Provisioning Project
Presentation transcript:

Enabling UCTrust Access for Your Application Introduction to The UC CSC Conference UC Santa Barbara, July 21-22, 2008

Shibboleth The technology behind UCTrust A Federated Single Sign-on Software Open Source; developed by Internet2 Allows selective release of user information, based on home institutions data release policy

Single Sign-On Allows access to protected online resources Users logs in only once Reduced administration Increased Security

Federated Single Sign-On across institutions User logs in using her home institutions login ID to outside resources Federation helps with coordinating policy and practices among participants UC Trust

Shibboleth Components Service Provider The client side Lives on your web server Handles authentication and access requests for your web server Modules available for Apache and IIS. SP

Shibboleth Components Identity Provider The Server side Typically one per campus Responds to SP requests Logs in users Answer attribute query requests IdP

Shibboleth Components Where Are You From Location Discover Service in Shibboleth 2.0 Lets user choose his/her home organization WAYF

Shibboleth in Action Associate Professor in Linguistics Bob needs to make travel arrangements for his upcoming conference Bob

Shibboleth in Action IdP SP Web App web server 1 Bob visits the UC Travel Portal. 1

Shibboleth in Action IdP SP Web App web server 2 1 Bob isnt logged in. The SP intercepts the request and redirects Bob to a campus IdP to login. 2

Shibboleth in Action IdP SP Web App web server 2 1 Oops! We dont know where Bobs from. SP sends Bob to WAYF so Bob can choose tell us who is his home campus. WAYF 3 3

Shibboleth in Action IdP SP Web App web server 2 1 Bob picks his campus. Now we can go to his home IdP. WAYF 3 4 4

Shibboleth in Action IdP SP Web App web server Bob logs in at his home campuss IdP. WAYF 3 4 5

Shibboleth in Action IdP SP Web App web server The IdP processs the login attempt. If successful, it sends Bob, along with information about Bob, back to the SP. WAYF 3 4 6

Shibboleth in Action IdP SP Web App web server SP now has proof that Bob has successfully logged in. It forwards Bobs request onto the Travel Portal. WAYF 3 4 7

Shibboleth in Action IdP SP Web App web server WAYF 3 4

Shibboleth Home IAMUCLA Shibboleth Connector for Confluence oleth+Authenticator+for+Confluence TestShib

Installing a SP Demonstration

Shibboleth in Action IdP SP Web App web server Describe whats going on on this slide WAYF 3 4 1

Shibboleth in Action IdP SP Web App web server

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.