Understanding Shibboleth

• Shibboleth Introduction: A basic introduction to Shibboleth.
• DeploymentBackground: Introductory information for performing a deployment of Shibboleth.
• ShibbolethWalkthrough: Take a detailed technical tour through the Shibboleth software.
• MetaData: Overview of how SAML 2.0 metadata is used in the Shibboleth software.
• KeysAndCertificates: A detailed discussion of the variety of keys and certificates found in a typical deployment.
• TrustManagement: Discussion of how keys and certificates are evaluated by Shibboleth software.
• AttributeNaming: Suggestions on the proper way to name attributes for SAML expression.

Understanding IdP Features and Issues

add content

Understanding SP Features and Issues

• RedirectGeneration: Shibboleth and its web environment must be properly configured for redirects to work
• ServiceProviderHandler: URL-invoked functions implemented by the SP software
• SessionInitiator: Handler function that handles the creation of an AuthnRequest, may be triggered automatically when accessing protected content or by an application at runtime
• AttributeAcceptancePolicy: Defines attributes and rules for processing them by an SP
• AddressChecking: Policies applied by the SP to enforce a consistent client network address across requests, making session theft harder by requiring source address spoofing
• RelayState: Mechanism for SP to remember information about the resource request during an AuthnRequest
• SpoofingBug: Details regarding potential vulnerabilities arising from header spoofing.