Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shibboleth Integration Fairfield University

Published byEugenia Walton Modified over 6 years ago

Similar presentations

Presentation on theme: "Shibboleth Integration Fairfield University"— Presentation transcript:

1

2 Shibboleth Integration Fairfield University
Michael Graham-Cornell Director, Computing & Network Services

3 Agenda The user experience with Shibboleth (before & after CAS)
Shibboleth Overview What we had What we did What we have Benefits and Gotchas

4 Initial Shibboleth Implementation
Active Gmail Session? Student accesses mail.student.fairfield.edu Yes Gmail access granted No eduPersonPrincipalName Active Shibboleth Session? Yes No User logs into Shibboleth

5 Shibboleth Integrated with CAS
Active Gmail Session? Student accesses fairfield.edu/gmail Yes No Active Shibboleth Session? Yes Gmail access granted No Active CAS Session? eduPersonPrincipalName Yes User logs into CAS No

6 Overview of Shibboleth

7 What We Had Banner (Identity System of Record)
Sun Identity Manager (Identity Provisioning) Sun Directory Server (LDAP) Shibboleth Identity Provider (IdP) Gmail Service Provider (SP) Library Database Provider (SP)

8 What We Did Install CAS in Test Install CAS Service Manager
CASify Shibboleth

9 Benefits CAS very secure and robust SSO environment
CAS easily integrated into PHP and .NET applications (preferred for in-house authentication) We now support CAS and Shibboleth Service Providers – very flexible and easy to configure Only authorized service providers can authenticate Legacy applications can still authenticate through LDAP, but are rapidly being “CASified” Banner Forms, Self-Service, Workflow and BDMS use CAS authentication

10 What’s Better, CAS or Shibboleth?
Whatever works! Actually, the initial framework is a challenge for both implementations. However, adding new service providers is MUCH EASIER with CAS than with Shibboleth.

11

Download ppt "Shibboleth Integration Fairfield University"

Similar presentations

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.
Sun Identity Manager Evaluation An exploration by the Advanced Systems Team, ICSD, Academic Services.

Sun Identity Manager Evaluation An exploration by the Advanced Systems Team, ICSD, Academic Services.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.

KC-ROLO Project Kidderminster College Repository Of Learning Objects Graham Mason & Ed Beddows.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.

Building the Future: Millennium’s Relationship with Campus Systems and Services John Culshaw Faculty Director for Systems University of Colorado at Boulder.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Toolbox Mirror -Overview Effective Distributed Learning.

Toolbox Mirror -Overview Effective Distributed Learning.
UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.

UC Irvine’s Pre-Shib Attribute Setup PH / QI Directory Provides Authoritative Attribute Store –Had both Faculty / Staff and Student Information UCI’s Campus.
AutoSignon - A Reference Implementation of a Secure Single Sign-On Blackboard Building Block TM Richesh Ruchir, Technical Manager

AutoSignon - A Reference Implementation of a Secure Single Sign-On Blackboard Building Block TM Richesh Ruchir, Technical Manager
PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.

PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.
July 12, 2005 CSU SIMI Workshop - Melding Policy and Technology to Manage Identity1 Provisioning Services Collaborative CSU, East Bay and CSU, San Bernardino.

July 12, 2005 CSU SIMI Workshop - Melding Policy and Technology to Manage Identity1 Provisioning Services Collaborative CSU, East Bay and CSU, San Bernardino.
Peter Deutsch Director, I&IT Systems July 12, 2005

Peter Deutsch Director, I&IT Systems July 12, 2005
NJVid New Jersey Video Portal 1 Grant partners. NJVid New Jersey Video Portal 2 NJTrust - New Jersey Identity Trust Federation NJViD Advisory Board Meeting.

NJVid New Jersey Video Portal 1 Grant partners. NJVid New Jersey Video Portal 2 NJTrust - New Jersey Identity Trust Federation NJViD Advisory Board Meeting.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.

Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.
Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.

Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.
Automated Computer Account Management in Active Directory June 2 nd, 2009 Bill Claycomb Systems Analyst Sandia National Laboratories Sandia is a multiprogram.

Automated Computer Account Management in Active Directory June 2 nd, 2009 Bill Claycomb Systems Analyst Sandia National Laboratories Sandia is a multiprogram.
Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.

Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.
Identity Management: Past, Present, and Future Wait, the requirements have changed again.

Identity Management: Past, Present, and Future Wait, the requirements have changed again.

Similar presentations

Ads by Google