Servizi » Autenticazione » Shibboleth

Risorse correlate

Link rapidi


The Shibboleth® System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

The Shibboleth software implements widely used federated identity standards, principally OASIS' Security Assertion Markup Language (SAML), to provide a federated single sign-on and attribute exchange framework. Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the attributes released to each application. Using Shibboleth-enabled access simplifies management of identity and permissions for organizations supporting users and applications. Shibboleth is developed in an open and participatory environment, is freely available, and is released under the Apache Software License.

What is Shibboleth and how does it work?

A user authenticates with his or her organizational credentials. The organization (or identity provider) passes the minimal identity information necessary to the service manager to enable an authorization decision. 
There are two primary parts to the Shibboleth system:

  1. Identity Provider - the software run by an organization with users wishing to access a restricted service;
  2. Service Provider - the software run by the provider managing the restricted service.

Shibboleth leverages the organization’s identity and access management system, so that the individual’s relationship with the institution determines access rights to services that are hosted both on- and off-campus. For a series of technical explanations of how Shibboleth works, from easy to expert, refer to the SWITCH Federation site.

Implementation Options

Additional Information

The Shibboleth System News

^ Top