...
The following diagram shows the interaction between the user, located at their web browser, the IdP, located at the home organization, and the SP, located at the resource organization.
...
The SP detects the user attempting to access restricted content within the resource.
The SP generates an authentication request, then sends
...
that request, and the user, to the user's IdP.
The IdP authenticates the user, then sends the authentication response, and the user, back to the SP.
The SP verifies the IdP's response and sends the request through to the resource which returns the originally requested content.
Further Details
Given this very basic familiarity with the Shibboleth components and their interactions, the following documentation provides further detail. The section Understanding the Basics provides further information about the concepts and components within Shibboleth. The Identity Provider and Service Provider sections give further details relating specifically to their respective components.
...