The Shibboleth 1.x software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only.

Skip to end of metadata
Go to start of metadata

Understanding Shibboleth

  • Shibboleth Introduction: A basic introduction to Shibboleth.
  • DeploymentBackground: Introductory information for performing a deployment of Shibboleth.
  • ShibbolethWalkthrough: Take a detailed technical tour through the Shibboleth software.
  • MetaData: Overview of how SAML 2.0 metadata is used in the Shibboleth software.
  • KeysAndCertificates: A detailed discussion of the variety of keys and certificates found in a typical deployment.
  • TrustManagement: Discussion of how keys and certificates are evaluated by Shibboleth software.
  • AttributeNaming: Suggestions on the proper way to name attributes for SAML expression.

Understanding IdP Features and Issues

add content

Understanding SP Features and Issues

  • RedirectGeneration: Shibboleth and its web environment must be properly configured for redirects to work
  • ServiceProviderHandler: URL-invoked functions implemented by the SP software
  • SessionInitiator: Handler function that handles the creation of an AuthnRequest, may be triggered automatically when accessing protected content or by an application at runtime
  • AttributeAcceptancePolicy: Defines attributes and rules for processing them by an SP
  • AddressChecking: Policies applied by the SP to enforce a consistent client network address across requests, making session theft harder by requiring source address spoofing
  • RelayState: Mechanism for SP to remember information about the resource request during an AuthnRequest
  • SpoofingBug: Details regarding potential vulnerabilities arising from header spoofing.
  • No labels