Page tree

The Shibboleth 2.x software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP30 and SP3 wiki spaces for current documentation on the supported versions.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 52 Next »

Shibboleth 2 Contributions and Extensions

Identity Provider Extensions

The following extensions are software components that may be installed into the Shibboleth 2 Identity Provider.

Extension

Supported IdP Versions

Maintainer Contact Info.

Description

Infocard

?

dev@shibboleth.net (subscription required)

Provides Microsoft Information Card support

uApprove

2.x

aai@switch.ch

Extension that enables users to consent to the release of attributes.

GridShib for Shib2

?

gridshib-users@globus.org

Enables the IdP to issue Holder-of-Key SAML assertions.

X.509 Login Handler

?

aai@switch.ch

The x509-login-handler implements an authentication handler for the Shibboleth IdP and will set the authentication context class urn:oasis:names:tc:SAML:2.0:ac:classes:X509.

IdP Audit Log Analysis Tool

2.X

dev@shibboleth.net (subscription required)

Provides IdP usage statistics by analyzing audit log files.

shlook

2.X

bbellina@usc.edu

IdP monitoring script for graphing Shibboleth usage

ECP

2.x

users@shibboleth.net (subscription required)

Provides ECP support. Note ECP support was rolled in to the main IdP distribution in version 2.3, do not attempt to use this plugin with that, or future, versions.

RESTful webservice connector

2.x

ds-iam@washington.edu

Provides an attribute data connector to a RESTful webservice.

Dynamic Metadata Provider

2.2

yang.xiang@rzg.mpg.de

Provides a dynamic metadata provider which is based on the newest HTTP metadata provider.

Web Service Data Connector

2.x

nick.x.newman@gmail.com

Provides a connector that can be used to extract attributes from a web service. (And the web service, in turn, can obtain those attributes from almost anywhere.)

Multi Factor Login Handler

2.?

fredrik@yubico.com

This is a JAAS-based login handler for Multi Factor authentication (two factors or more).

MongoDB connector

2.?

stefan@unitedid.org

Provides an attribute data and persistent ID connector for MongoDB.

OrientDB Connector

2.x

jonathan.tellier@gmail.com

Provides an attribute data connector for OrientDB.

Memcached StorageService

2.3

haim@hrz.uni-marburg.de

Provides an easy way to connect your Shibboleth IdP to a memcached server, in order to create a stateful cluster. It is intended to be a lightweight alternative to using the Terracotta software.

Stateless Cluster SSO

1.1

dev@shibboleth.net (subscription required)

Ohio State extensions, primarily a custom login module for SSO with stateless clustering

German ID card Login Handler

2.x

am@secure-dimensions.com

Provides support authentication with the German ID card (nPA).

Service Provider Extensions

The following extensions are software components that may be installed into the Shibboleth 2 Service Provider.

Extension

Supported SP Versions

Maintainer Contact Info.

Description

Infocard

?

dev@shibboleth.net (subscription required)

Provides Information Card support

Discovery Service Extensions

The following extensions are software components that may be installed into the Shibboleth 2 Discovery Service.

Extension

Supported DS Versions

Maintainer Contact Info.

Description

Documentation

Name

Maintainer Contact Info.

Description

SP on openSUSE

jpr@uab.edu

Notes on building, configuring, and testing the Shibboleth 2.0 SP on openSUSE 10.3

IDP on SuSE SLES10

shibboleth@lrz.de

Setting up the IDP 2.0 on SuSE Linux Enterprise Server (SLES10) (German)

SP on Xserve

luca.testoni@unimore.it

Notes on installing and configuring Shobboleth 2.0 SP on Mac OSX 10.5 (Leopard) XServe
(italian language)

Japanese Tutorial

repeatedly@gmail.com

Shibboleth 2 Introduction, Installation, and Configuration

Other, Related, Contributions

Other software components or documentation related to the use of Shibboleth 2.

Name

Maintainer Contact Info.

Description

XmlSecTool

users@shibboleth.net (subscription required)

Java-based tool for downloading, checking well-formedness, schema validity, and signature of XML documents. Also provides ability to sign XML documents.

Shule Aroon

repeatedly@gmail.com

A discovery service, written in Ruby.

JBoss-SAML

nick.x.newman@gmail.com

An all-Java SP. A Git patch to configure JBoss such that any standard deployed applications become SAML enabled. From a clean JBoss download do "git apply path-to-patch" to apply the changes. A README is supplied. I based the patch on JBoss-6.0.0.M2, but hopefully it with work with other versions too. If you really can't work with the patch I may be able to provide the complete SP, but the patch is really better since it is not tied so tightly to a single JBoss version and it lets you see what has been done.

simple bash ECP client

Scott Koranda

A simple demonstration ECP client written in bash. It requires bash 4 and the curl and xlstproc command line tools. It has been tested on Debian Squeeze against a Shib 2.2.1 and 2.3.0 IdP and Shib 2.4.2 Native SP.

simple Python ECP client

Scott Koranda

A simple demonstration ECP client written in Python. It requires Python 2.6+ and the Python lxml toolkit. It has been tested on Debian Squeeze against a Shib 2.2.1 and 2.3.0 IdP and Shib 2.4.2 Native SP.

IdP Load Tester

Steve Thorpe

stressTest.sh and its companion program check_sp-test.my.org_shib_login.pl are meant to help "stress test" a Shibboleth IdP (and SP). I used it to run about successful 150-200 logins per minute, using an IdP running on a VM on older HW, with only 512MB RAM. The code exercises SP -> WAYF -> IdP -> SP end-to-end tests and produces ASCII output. YOU WILL NEED TO READ AND UNDERSTAND THE CODE BEFORE USING THIS, as modifications will be required. Though its only 200-300 lines of code, so hopefully it won't be too difficult to figure that out. To unroll the gzipped tarball, do the following from a Linux command line: gunzip idpLoadTester.tar.gz; tar -xvf idpLoadTester.tar

  • No labels