Title: Shibboleth IDP: What it is, and why to consider a Managed Shib Services, like Gluu
- Many people are interested in deploying a Shibboleth Identity Provider (IdP) to enable secure organizational single sign-on (SSO).
- Shibboleth is a free, open-source web single sign-on system with rich attribute exchange based on open standards, most notably SAML. Shibboleth has widespread adoption in higher education and government due to built-in privacy provisions that meet the privacy obligations of accredited schools and security-conscious organizations. Other benefits of Shibboleth include a lightweight memory footprint and support for multi-party federations, like InCommon.
- As a federated system, a Shibboleth IdP supports secure access to resources across security domains. Information about a user, otherwise known as attributes, is sent from a home identity provider (IdP) to a service provider (SP), which prepares the information for protection of sensitive content and use by applications.
- These so-called federations, while not a purely technical construct, can often be used to help providers trust each other in a scalable way. A typical use case is a person accessing a protected resource, authenticating at their identity provider, and ending up back at the resource logged in.
Without going into excessive detail, this is how the resource-access process actually happens, and how it fits with the IdP and SP configuration:
1. User Attempts to Access a Protected Resource
2. SP Determines IdP and Issues Authentication Request
3. User Authenticates to the IdP
4. IdP Issues Response to SP
5. Back to the SP
6. Access Granted to the Protected Resource

Why Use a Managed Service for your Shibboleth IDP

Configuring and operating a Shibboleth Identity Provider and comprehensive SSO service involves technical know-how that can be time-consuming to obtain and expensive to retain (i.e. keeping employees with the necessary skill sets). Identity management and federation protocols and software such as SAML and Shibboleth are increasingly niche skill sets, and a subscription to the Gluu Server ensures that your organization is able to deliver a secure and reliable IdP service year after year at a predictable annual cost.
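
The six-step flow listed above, sketched from the SP's side as an added example (not code from this article, Shibboleth or Gluu): the SP remembers the ID of the authentication request it issues in step 2 and, in step 5, checks that the IdP's response answers that request, is addressed to this SP and is still inside its validity window. The entity ID, URLs, function names and sample response are constructed, timestamps are assumed to be whole-second UTC, and XML signature verification is left out.

```python
# Entity IDs, URLs and the sample response are constructed for illustration.
# Signature verification is omitted; a real SP verifies it before these checks.
import uuid
import xml.etree.ElementTree as ET  # use a hardened parser for untrusted XML
from datetime import datetime, timezone

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
SP_ENTITY = "https://sp.example.org/shibboleth"
ACS_URL = "https://sp.example.org/Shibboleth.sso/SAML2/POST"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

def new_request_id(pending):
    req_id = "_" + uuid.uuid4().hex
    pending.add(req_id)  # step 2: remember the ID until the response arrives
    return req_id

def sample_response(req_id, audience=SP_ENTITY):
    """Constructed stand-in for the message the IdP sends back in step 4."""
    return (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}" '
            f'InResponseTo="{req_id}" Destination="{ACS_URL}">'
            f'<p:Status><p:StatusCode Value="{SUCCESS}"/></p:Status>'
            '<a:Assertion><a:Conditions NotBefore="2024-01-01T10:00:00Z" '
            'NotOnOrAfter="2024-01-01T10:05:00Z"><a:AudienceRestriction>'
            f'<a:Audience>{audience}</a:Audience></a:AudienceRestriction>'
            '</a:Conditions></a:Assertion></p:Response>')

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def check_response(xml_text, pending, now):
    """Step 5: return the list of failed checks (empty means accept)."""
    root, problems = ET.fromstring(xml_text), []
    if root.get("InResponseTo") not in pending:
        problems.append("unsolicited or replayed response")
    pending.discard(root.get("InResponseTo"))  # an ID is good for one response
    if root.get("Destination") != ACS_URL:
        problems.append("wrong destination")
    status = root.find("p:Status/p:StatusCode", NS)
    if status is None or status.get("Value") != SUCCESS:
        problems.append("IdP reported failure")
    cond = root.find("a:Assertion/a:Conditions", NS)
    if cond is None:
        return problems + ["assertion has no conditions"]
    if not _ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter")):
        problems.append("outside validity window")
    if SP_ENTITY not in [e.text for e in cond.findall("a:AudienceRestriction/a:Audience", NS)]:
        problems.append("issued for another SP")
    return problems
```
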
In addition, the Gluu Server supports not only SAML, but also OpenID Connect and UMA, two new profiles of OAuth 2.0 that better support emerging authentication and authorization requirements like mobile and native SSO, and web and API access management. At Gluu, we employ authentication, authorization and federation experts to augment your operational staff. With Gluu's managed IdP service and utility open source software stack, you can add a layer of support for increasingly complex SAML and OpenID Connect SSO requirements, while decreasing dependence on highly specialized employees, proprietary software and high-priced contractors.

Article resource: https://sites.google.com/site/thegluuserver/shibboleth-idp-what-it-is-and-why-to-consider-a-managed-shib-services-like-gluu