Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 124 Next »

Shibboleth allows users to securely send trusted information about themselves to remote resources. This information may then be used for authentication, authorization, content personalization, and enabling single sign-on across a broad range of services from many different providers.

The current stable release of the Service Provider(SP) is 2.6.0. There are no previous stable releases at this time.  Earlier releases should be presumed unsupported, but you can try. Shibboleth Identity Provider(IdP) v2.x is formally unsupported.  SP v2.x is fully interoperable with IdP v3.x releases, and is partially interoperable with older versions.

The minimum safe release of the SP is v2.6.0; you must also ensure various libraries are also sufficiently new. If you are running versions prior to these, you should upgrade immediately or take steps to protect your system by reviewing the advisories. In all cases, there may be important security issues affecting any versions other than the latest ones and you should always review the advisories to ensure you understand whether your particular system might be affected. The current stable release of the Identity Provider is 3.2.1, which has a new documentation space. The Centralized Discovery Service is also EOL.

All software, including archived releases, is available from http://shibboleth.net/downloads/ and each release is accompanied by a detached PGP signature using one of the keys listed in the project's KEYS file.  High-level information to get started with SAML and Shibboleth can be found in the Concepts wiki space.

All deployers should make sure to subscribe to to the announce mailing list to be sure of seeing important security announcements.

  • No labels