Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shibboleth Identity Provider V3 Deployment Considerations Scott Cantor (tOSU) Walter Hoehn (U Memphis) David Langenberg (U Chicago)

Published byRoland Osborne Modified over 8 years ago

Similar presentations

Presentation on theme: "Shibboleth Identity Provider V3 Deployment Considerations Scott Cantor (tOSU) Walter Hoehn (U Memphis) David Langenberg (U Chicago)"— Presentation transcript:

1 Shibboleth Identity Provider V3 Deployment Considerations Scott Cantor (tOSU) Walter Hoehn (U Memphis) David Langenberg (U Chicago)

2 KEY DIFFERENCES FOR V2 DEPLOYERS

3 Configuration More/smaller configuration files divided by topics and types Properties for big/global changes XML files for main configuration as before Velocity templates for user interfaces (JSP optional) Message files for internationalized text System files are separate, read-only, and provided only for reference to ensure safe upgrades 3

4 Configuration attribute-resolver.xml Basic scripts work under Java 7 or if adapted to Java 8, but complex scripts that access V2 APIs will likely need adjustments No other significant changes attribute-filter.xml No significant changes, but XML simplifications will be available with V3.2.0 relying-party.xml Legacy support or the more powerful native format are available metadata-providers.xml Separate file for metadata sources with streamlined options saml-nameid.xml New file for configuring SAML Subject identifiers for accomodating deficient SP software 4

5 Clustering Ding-dong, Terracotta's dead Clustering Options client-side cookies (+ HTML Storage in V3.2.0) in-memory JPA / database memcache All options assuming per-request stickiness from a load balancer, no realistic chance of this changing 5

6 Quick New Feature Blitz Built-in attribute release consent Built-in CAS protocol support Advanced support for controlling configuration settings based on arbitrary conditions Help with migration to stronger security algorithms IdP-driven authorization (the Google bug) Safe and reliable upgrade process 6

7 V2 UPGRADE CONSIDERATIONS

8 Basics The easy: Filter policies just work Legacy relying-party files just work Most attribute resolver files just work Use of V2 “in the box” authentication options is very easy to transfer across The less easy: Login UI is some work to re-customize Adapting, converting, or waiting for older add-ons 8

9 Upgrade or New Install? Upgrade in-place if you: Don’t need any new features initially Want a faster upgrade process Transfer settings manually if you: Need newer features as part of your deployment Have the time to move settings over deliberately and test them If you do want to reuse your old relying-party file, start with an in-place upgrade. 9

Download ppt "Shibboleth Identity Provider V3 Deployment Considerations Scott Cantor (tOSU) Walter Hoehn (U Memphis) David Langenberg (U Chicago)"

Similar presentations

Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.

Using PHINMS and Web-Services for Interoperability The findings and conclusions in this presentation are those of the author and do not necessarily represent.
Shibboleth Identity Provider Version 3 IAM Online March 11, 2015

Shibboleth Identity Provider Version 3 IAM Online March 11, 2015
Windows Deployment Services WDS for Large Scale Enterprises and Small IT Shops Presented By: Ryan Drown Systems Administrator for Krannert.

Windows Deployment Services WDS for Large Scale Enterprises and Small IT Shops Presented By: Ryan Drown Systems Administrator for Krannert.
© 2009 Research In Motion Limited Methods of application development for mobile devices.

© 2009 Research In Motion Limited Methods of application development for mobile devices.
Presented by IBM developer Works ibm.com/developerworks/ 2006 January – April © 2006 IBM Corporation. Making the most of Creating Eclipse plug-ins.

Presented by IBM developer Works ibm.com/developerworks/ 2006 January – April © 2006 IBM Corporation. Making the most of Creating Eclipse plug-ins.
J2EE Java 2 Enterprise Edition. Relevant Topics in The Java Tutorial Topic Web Page JDBC orial/jdbc

J2EE Java 2 Enterprise Edition. Relevant Topics in The Java Tutorial Topic Web Page JDBC orial/jdbc
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
PreserveDiscover In-Place Archive with secondary quota Available on-prem, online, or EOA Lync Archives into Exchange Search across Primary & Archive –

PreserveDiscover In-Place Archive with secondary quota Available on-prem, online, or EOA Lync Archives into Exchange Search across Primary & Archive –
Part or all of this lesson was adapted from the University of Washington’s “Web Design & Development I” Course materials.

Part or all of this lesson was adapted from the University of Washington’s “Web Design & Development I” Course materials.
System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.

System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.
Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.

Shibboleth 2.0 : An Overview for Developers Scott Cantor The Ohio State University / Internet2 Scott Cantor The Ohio.
UNIT-V The MVC architecture and Struts Framework.

UNIT-V The MVC architecture and Struts Framework.
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.

SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.
Shibboleth: New Functionality in Version 1 Steve Carmody July 9, 2003 Steve Carmody July 9, 2003.

Shibboleth: New Functionality in Version 1 Steve Carmody July 9, 2003 Steve Carmody July 9, 2003.
Shibboleth 2.0 IdP Training: Basics and Installation January, 2009.

Shibboleth 2.0 IdP Training: Basics and Installation January, 2009.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
Windows.Net Programming Series Preview. Course Schedule - 2014 CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.

Windows.Net Programming Series Preview. Course Schedule CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.

Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
SWITCHaai Team Introduction to Shibboleth.

SWITCHaai Team Introduction to Shibboleth.
Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.

Technology Overview. Agenda What’s New and Better in Windows Server 2003? Why Upgrade to Windows Server 2003 ?  From Windows NT 4.0  From Windows 2000.

Similar presentations

Ads by Google