Shibboleth Architecture
Shibboleth is an open source project of the Shibboleth Consortium that was originally initiated by Internet2 as part of their middleware activity.
The key concepts of Shibboleth are:
- Federated authentication
- Access control based on attributes
- Privacy management
- A framework for multiple, scaleable trust and policy sets (federations)
- A standard (yet extensible) attribute value vocabulary
Shibboleth has been chosen as the architecture to use for the Switch edu-ID project after an evaluation and a pilot phase that started in 2003.
The official Shibboleth documentation one finds on the Shibboleth Wiki.
However, for deployment of Shibboleth within the Switch edu-ID federation and the edu-ID Test Federation, follow the
Switch edu-D specific deployment information.
Shibboleth builds on SAML (Security Assertion Markup Language), which is an OASIS standard. Read the SAML2 Technical Overview document to get an idea. Also, have a look at the AAI Demo using the Shibboleth technology.
Switch has been an active financial contributor to the Shibboleth project for years in the context of the Shibboleth consortium.