Sakai and Shibboleth Integration
From BeSTGRID
Contents |
[edit] Introduction
This article presents a high level overview of the use of Shibboleth federated authentication with Sakai used as a Virtual Research Environment (VRE). Is a picture worth a thousand word? Yes, I think the diagram below can give you a big picture overview of an anonymous user authenticated himself through a Shibboleth federation network.
However, it is useful to understand some background overviews of Shibboleth and Sakai which maybe helpful for you to understand the diagram below. Several useful links are listed at the References section.
[edit] Terminology
It is important to understand some terminologies before you go further. If you already know some basic knowledges of Shibboleth and Sakai, you can skip this section and go below. The definitions below are directly quoted from the Shibboleth and Sakai official website.
[edit] Shibboleth
- Identity Provider (IdP) is responsible for supplying information about users at a domain to relying parties protected by service providers.
- Service Provider (SP) communicates with Identity Providers (IdP) to discover information about users trying to access resources it protect.
- Where Are You From (WAYF) or Discovery Service is responsible for allowing a user to associate themself with an institution of their specification, then redirecting the user to the known address for the handle service of that institution.
- Open IdP a Identity Provider with a web interface which allows users to register their details.
[edit] Sakai
- Sakai is an online Collaboration and Learning Environment. Many users of Sakai deploy it to support teaching and learning, ad hoc group collaboration, support for portfolios and research collaboration.
[edit] Sakai and Shibboleth Integration Diagram
[edit] References
- Internet2 resources
- Shibboleth Technical Overview
- Shibboleth high-level technical introduction
- Sakai resources
- About Sakai
- Charles Severance muses on Shibboleth for Sakai VRE / Research Sites
- General
