Shibboleth

While EDIT CSSO was in planning stage, Shibboleth was the reference implementation of the http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security Security Assertion Markup Language (SAML)] standard family. Currently, Shibboleth is the recommended Service Provider implementation for EDIT. Unfortunately, the its Identity Provider implementation does currently not support Single Logout functionality. So, we are using OpenSSO(OpenAM) as Identity Provider implementation instead.

http://shibboleth.internet2.edu/includes/projects/shib/logoWbg3.jpg

Shibboleth is an Internet2 Middleware Initiative project that has created an architecture and open-source implementation for federated identity-based authentication and authorization infrastructure based on SAML.It is an Middleware Initiative project and has been under development since 2001. As a stable tool build on accepted security standards such as SAML, it has been promoted by the National Science Foundation's Middleware Initiative (NMI), the Middleware Architecture Committee for Education (MACE) and the Higher Education Funding Council for England together with JISC. Shibboleth was particularly popular within the higher education community and becomes more and more accepted in commercial environments as well.

Please find currently available EDIT related information on Shibboleth on the following pages:

Shibboleth Service Provider (SP) v2.3.x Installation on Debian Lenny
Detailed installation instructions for EDIT Shibboleth Service Providers on a Debian Lenny system.
The Shibboleth Protocol
General description of the Shibboleth Protocol.
(Deprecated) Shibboleth Identity Provider (IdP) Setup on Debian Etch
Detailed installation instructions for EDIT Shibboleth Identity Providers on a Debian Lenny system.
(Deprecated) Shibboleth Service Provider (SP) Installation on Microsoft Windows
Brief installation instructions for Shibboleth Service Providers on a Windows system.