Shibboleth IDP: What it is, and why to consider a Managed Shib Services, like Gluu

1
 Shibboleth IDP What it is, and why to
consider a Managed Shib Services, like
Gluu

• Many people are interested in deploying a
  Shibboleth Identity Provider (IdP) to enable
  secure organizational single sign-on (SSO).
•  
• Shibboleth is a free, open-source web single
  sign-on system with rich attribute-exchange based
  on open standards, most notably SAML. Shibboleth
  has widespread adoption in higher education and
  government due to built in privacy provisions
  that meet the privacy obligations of accredited
  schools and security conscious organizations.
  Other benefits of Shibboleth include a
  lightweight memory footprint and support for
  multi-party federations, like In Common.
•  
• As a federated system, a Shibboleth IdP supports
  secure access to resources across security
  domains. Information about a user, otherwise
  known as attributes, are sent from a home
  identity provider (IDP) to a service provider
  (SP), which prepares the information for
  protection of sensitive content and use by
  applications.
•  
• These so-called federations, while not a purely
  technical construct, can often be used to help
  providers trust each other in a scalable way. A
  typical use case is a person accessing a
  protected resource, authenticating at their
  identity provider, and ending up back at the
  resource logged in.
•  

2
Without going into excessive detail, this is how
the resource-access process actually happens, and
how it fits with the IDP and SP
configuration   1. User Attempts to Access a
Protected Resource 2. SP Determines IDP and
Issues Authentication Request 3. User
Authenticates to the IDP 4. IdP Issues Response
to SP 5. Back to the SP 6. Access Granted to the
Protected Resource   Why Use a Managed Service
for your Shibboleth IDP Configuring and
operating a Shibboleth Identity Provider and
comprehensive SSO service involves technical
know-how that can be time consuming to obtain and
expensive to retain (i.e. keeping employees with
the necessary skill sets). Identity management
and federation protocols and software such as
SAML and Shibboleth are increasingly niche skill
sets, and a subscription to the Gluu Server
ensures that your organization is able to deliver
a secure and reliable IDP service year after year
at a predictable annual cost.
3
In addition, the Gluu Server supports not only
SAML, but also OpenID Connect and UMA, two new
profiles of OAuth 2.0 that better support
emerging authentication and authorization
requirements like mobile and native SSO, and web
and API access management.   At Gluu, we employ
authentication, authorization and federation
experts to augment your operational staff. With
Gluus managed IDP service and utility open
source software stack, you can add a layer of
support for increasingly complex SAML and OpenID
Connect SSO requirements, while decreasing
dependence on highly specialized employees,
proprietary software and high priced
contractors.   Article resource-https//sites.goo
gle.com/site/thegluuserver/shibboleth-idp-what-it-
is-and-why-to-consider-a-managed-shib-services-lik
e-gluu