The UK Access Management Federation provides a standardised way of exchanging authentication and authorisation requests in a consistent, secure and privacy-preserving manner. Organisations who have resources they wish to give access to through this method may wish to run their own Shibboleth service provider to enable this.
This course will provide a number of discussions and hands-on labs for delegates to work through individually and in a small group. It is centred around the installation and configuration of a Shibboleth 2 service provider, which will be tested against a reference Shibboleth identity 3 provider. The course includes some discussion of migration from an existing Shibboleth 1.3 installation.
The course will be led by Rhys Smith, chief technical architect, trust and identity, Jisc.
- Share good practice and learn from others from within academic networking
- Tailored course specifically designed for Janet Network-connected organisations
- One year of online support following the course
- High-quality materials including case studies, checklist and examples
- Learn from subject matter experts within the Janet Network community
- Affordable prices
- All course materials, equipment and labs provided
Registration begins at 09:30 and the course will run between 10:00 and 16:30.
The course timetable will be adjusted on the day to allow discussion of areas of particular interest to the audience.
This course has a particular emphasis on hands-on activities which take up most of the day. These activities will be performed on either a Linux (CentOS 6) or Windows (Windows Server 2008 R2) Virtual Machine (VM), running on VMWare Server on laptops provided as part of the course.
All refreshments and lunch are provided.
All delegates will receive a workbook, specifically written for the course.
If you wish to work with the Linux VM, you will be able to take a copy of the VM image home with you after the course to continue to practice and modify. Please bring a USB memory stick or portable external USB hard disk with at least 3GB of free space.
Due to licensing conditions associated with Windows, delegates wishing to work with the Windows VM do not have this option. However, if you bring your own laptop to the course with a fully licensed and legal copy of Windows Server 2008 installed (either directly or in a VM) you will be able to use this during the course and thus keep the copy.
Who should attend
This technical course is aimed at anyone responsible for implementing a Shibboleth 2 service provider who has system administration skills with either Windows Server 2008 R2 (64 bit) or CentOS 6 (64 bit).
What we cover
- Understanding Shibboleth
- Service provider prerequisites
- Service provider installation
- Service provider configuration
- Integrating Shibboleth with web applications
- Advanced service provider topics
On completion of this one day course, delegates will be able to:
- Describe the overall process and information flows seen in federated access
- Describe the difference between identity providers and service providers
- Identify the purpose of a federation
- Explain the importance of attributes, and the need for attribute encoders/decoders
- Carry out an analysis of what needs to be done within an organisation in order to meet all necessary prerequisites
- Apply their knowledge to install all software required for the installation of the Shibboleth service provider
- Carry out the install of the Shibboleth service provider itself
- Perform basic configuration of the service provider
- Configure the service provider to receive attribute information in a controlled manner
- Analyse access control requirements and implement these within the service provider
- Explain the concept of clustering the service provider, and what is needed to enable it
- Identify the most appropriate method of Shibboleth-enabling a website, and understand the implications of different methods of doing so
- Suggest ways in which to get appropriate support
Pricing and eligibility
- Jisc institutional members: £350 + VAT1
- Other organisations: £500 + VAT
- 1 If, in addition to paying a subscription, your institution has opted to become a Jisc institutional member, then - as part of our VAT-exempt cost sharing group - you will not be charged VAT on your course fee. For more information visit our VAT-exempt cost sharing group page: https://www.jisc.ac.uk/about/vat-cost-sharing-group
For more information, email firstname.lastname@example.org or phone 01235 822242.