Download presentation
Presentation is loading. Please wait.
Published byHarriet Hart Modified over 8 years ago
1
Blackboard Learning System r6 and Shibboleth Barry Ribbeck U.Texas Health Science Center at Houston Christopher Etesse Blackboard Inc.
2
Blackboard Learning System Requirements –Shib 1.0 or greater* –Blackboard 6.0.11 or higher Support –Shibboleth will be fully supported as a custom authentication option in Bb (currently in a limited Alpha release) Disclaimer –Limited support, tested only on Red Hat Linux andSun Solaris implementations
3
Connection Details User connecting to {shib(Bb)} is redirected to Wayf as expected Target requires eppn and eduPersonEntitlement If AA assertions are accepted, Bb remote user is populated with eppn –BbShibbolethAuthModule gets the remote user and creates the user object in BbLS Can be extended via “Bb Advanced Data and Authentication Manual” See next slide Bb can create user account in DB on login (User Account Generation on Gateway: Enable ) or it can be created a priori Currently, course admin must add user to respective courses manually or in batch process * * This assumes a particular database management model
4
Authentication Implementation BbShibbolethAuthModule.
5
Processes Get a list of eppns from remote site authority for proper assignment into BB and course Populate into BB Agree on assertion exchange for authZ Agree on what to do with the data after the course is completed
6
Yet to be done Standardization on value to populate remote user A way to mix local and shib users by redirection at portal by user choice or failover to Shib A way to utilize an assertion for adding a user to a course so that course managers do not have to add them manually Discussions about how to support remote users who are not under your institutions domain of control
7
Ongoing Work Standardized Course attributes in LDAP Shibboleth protected Portals Non-Web based shibboleth protected resources RBAC space
8
Shibboleth and Blackboard by Barry Ribbeck, UTHSC-Houston Home University Attribute Authority Authentication System (ISO/SSO/Cert) Handle Service Resource Provider SHIRE Allow HomeU AA SHAR Resource Manager Browser Federation WAYF SERVICE (IN COMMON) 1. I would like access? 3. Where are you from? 4. I am from HU, logged in? ORIGIN TARGET 5. Authenticate me to HU 2. Can you authenticate via my Wayf ? 7. Need eppn & eduPersonEntitlemnt for X? 6. AuthN ok send handle X to Target 8. Link Handle X to user and Lookup attributes RBAC Authorization System - LDAP (eduperson) 9. Attributes found and Released 10. If ARP allows, attributes are sent to Target. If attributes are sufficient, access is granted by Resource Manager on Target Bb remoteuser=eppn auto acct generation = off 11 Logged onto Bb Shib Software =
9
Educause Meeting If you are planning to be at Educause, and would like to get together to discuss BB/Shib at that meeting, contact Chris
10
References Official Bb documentation - soon Barry Ribbeck Director of Systems Integration University of Texas Health Science Center at Houston Barry.R.Ribbeck@uth.tmc.edu Christopher Etesse Senior Director of Technology Blackboard Inc. cetesse@blackboard.com
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.