Implementing Kuali Identity Management at your Institution Jasig Spring 2010 Wednesday, March 10, 2010 8 am.

Presentation transcript:

Implementing Kuali Identity Management at your Institution
Jasig Spring 2010, Wednesday, March 10, 2010, 8 am

2 Implementing Kuali Identity Management at your Institution
- Eric Westfall, Indiana University
- Dan Seibert, University of California, San Diego

3 Integrating KIM with other IdM products

4 KIM Integration
Integration with various Identity Management Systems

5 with
- Intra-campus Web SSO
- Federated Access to a Rice application
- KIM as an Identity Provider (IdP)
- Using Shibboleth Attributes for KIM authorization

6 with Federated Authentication Shibboleth Login Process

7 with Federated Authentication
Protecting a Rice application as a Service Provider (SP)
- A web server and openssl must be available first
- Install Shibboleth
- Configure the web server
- Override KIM Authentication Service
- Start the Shibboleth daemon, shibd

8 with KIM as an Identity Provider
- Prerequisites: SSL certificate, source of SAML Metadata
- Install Shibboleth IdP
- Load SAML Metadata
- Configure KIM as the User Authentication Mechanism

9 with KIM as user Authentication Mechanism
- Define Login Handler to match AuthenticationService Impl
- Ex: Remote User for reference AuthenticationServiceImpl
- Username/Password for LDAP Impl

10 with Authorization Attributes
Shibboleth Attributes as KIM Authorization
- Identify Attribute Sources
- Define Policies for Attribute Handling, for SPs
- Define New Business Processes
- Define New Policies

11 with Federated Authentication

12 with Collaborative development of KIM/Grouper Adaptors
- Chris Hyzer, University of Pennsylvania
- Differences between KIM and Grouper
- How they might work together

13 with Differences between KIM and Grouper

14 with Adapter Overview
Custom Implementation of KIM Services using Grouper Client API
- GroupService
- GroupUpdateService
- IdentityService

15 with Installation
- grouperClient.jar
- grouperKimConnector.jar
- grouper.client.properties
- Override kimGroupService

16 Integrating KIM with LDAP
- UofA LDAP Integration Approach (UCDavis, SJDC also have implementations)
- Using CAS to connect to LDAP

17 KIM with LDAP (UofA example)
- UA netid is used for authentication
- Identity information is available in UA’s Enterprise Directory Service (EDS)
- Connect to EDS using Spring LDAP and overriding the KIM IdentityService
- KIM ParameterService provides the map between KIM and LDAP attributes
- In order to use the KIM GUIs properly, the UIDocumentService is also overridden

18 Integrating KIM with LDAP
Configure CAS to connect to LDAP