Shibboleth 2 Contributions and Extensions
Identity Provider Extensions
The following extensions are software components that may be installed into the Shibboleth 2 Identity Provider.
Extension |
Supported IdP Versions |
Maintainer Contact Info. |
Description |
---|---|---|---|
? |
Provides Microsoft Information Card support |
||
2.x |
Extension that enables users to consent to the release of attributes. |
||
? |
Enables the IdP to issue Holder-of-Key SAML assertions. |
||
? |
The x509-login-handler implements an authentication handler for the Shibboleth IdP and will set the authentication context class |
||
2.X |
Provides IdP usage statistics by analyzing audit log files. |
||
2.X |
IdP monitoring script for graphing Shibboleth usage |
||
2.x |
Provides ECP support |
||
2.x |
Provides an attribute data connector to a RESTful webservice. |
||
2.2 |
Provides a dynamic metadata provider which is based on the newest HTTP metadata provider. |
||
2.x |
Provides a connector that can be used to extract attributes from a web service. (And the web service, in turn, can obtain those attributes from almost anywhere.) |
||
2.? |
This is a JAAS-based login handler for Multi Factor authentication (two factors or more). |
||
2.? |
Provides an attribute data and persistent ID connector for MongoDB. |
||
2.x |
Provides an attribute data connector for OrientDB. |
||
2.3 |
Provides an easy way to connect your Shibboleth IdP to a memcached server, in order to create a stateful cluster. It is intended to be a lightweight alternative to using the Terracotta software. |
||
1.1 |
Ohio State extensions, primarily a custom login module for SSO with stateless clustering |
Service Provider Extensions
The following extensions are software components that may be installed into the Shibboleth 2 Service Provider.
Extension |
Supported SP Versions |
Maintainer Contact Info. |
Description |
---|---|---|---|
? |
Provides Information Card support |
Discovery Service Extensions
The following extensions are software components that may be installed into the Shibboleth 2 Discovery Service.
Extension |
Supported DS Versions |
Maintainer Contact Info. |
Description |
---|
Documentation
Name |
Maintainer Contact Info. |
Description |
---|---|---|
Notes on building, configuring, and testing the Shibboleth 2.0 SP on openSUSE 10.3 |
||
Setting up the IDP 2.0 on SuSE Linux Enterprise Server (SLES10) (German) |
||
Notes on installing and configuring Shobboleth 2.0 SP on Mac OSX 10.5 (Leopard) XServe |
||
Shibboleth 2 Introduction, Installation, and Configuration |
Other, Related, Contributions
Other software components or documentation related to the use of Shibboleth 2.
Name |
Maintainer Contact Info. |
Description |
---|---|---|
Java-based tool for downloading, checking well-formedness, schema validity, and signature of XML documents. Also provides ability to sign XML documents. |
||
A discovery service, written in Ruby. |
||
An all-Java SP. A Git patch to configure JBoss such that any standard deployed applications become SAML enabled. From a clean JBoss download do "git apply path-to-patch" to apply the changes. A README is supplied. I based the patch on JBoss-6.0.0.M2, but hopefully it with work with other versions too. If you really can't work with the patch I may be able to provide the complete SP, but the patch is really better since it is not tied so tightly to a single JBoss version and it lets you see what has been done. |
||
A simple demonstration ECP client written in bash. It requires bash 4 and the curl and xlstproc command line tools. It has been tested on Debian Squeeze against a Shib 2.2.1 and 2.3.0 IdP and Shib 2.4.2 Native SP. |
||
A simple demonstration ECP client written in Python. It requires Python 2.6+ and the Python lxml toolkit. It has been tested on Debian Squeeze against a Shib 2.2.1 and 2.3.0 IdP and Shib 2.4.2 Native SP. |
||
stressTest.sh and its companion program check_sp-test.my.org_shib_login.pl are meant to help "stress test" a Shibboleth IdP (and SP). I used it to run about successful 150-200 logins per minute, using an IdP running on a VM on older HW, with only 512MB RAM. The code exercises SP -> WAYF -> IdP -> SP end-to-end tests and produces ASCII output. YOU WILL NEED TO READ AND UNDERSTAND THE CODE BEFORE USING THIS, as modifications will be required. Though its only 200-300 lines of code, so hopefully it won't be too difficult to figure that out. To unroll the gzipped tarball, do the following from a Linux command line: gunzip idpLoadTester.tar.gz; tar -xvf idpLoadTester.tar |