Shibboleth/Dataverse Network integration

Cantor, Scott cantor.2 at osu.edu
Thu Feb 7 12:04:33 EST 2013 

> I'm new to Shibboleth... still at the "proof of concept" stage:
> https://github.com/dvn/shibpoc

I would suggest that if you're doing something like you seem to be, that you rephrase/reword. You're doing SAML. Shibboleth is an implementation of it you're not using, so nothing you're doing really pertains to it specifically. This is  a fairly common misunderstanding.

That's not to say Shibboleth works like most SAML implementations do, but they are interoperable on the wire.

If you're building something yourself, I'd say rethink that idea, but regardless, it's not sufficient to copy some code or read some specs, it's a very large undertaking and it's not something you can learn from a mailing list at this point (and there are unfortunately no books I know of). Thus, my advice is to use something that exists and not build your own.

> As I understand it, my webapp will be a Service Provider (SP), which I
> hope isn't too tricky since we use Glassfish rather than Apache. Time
> will tell.

I've heard good things about the JBoss SAML implementation, but I can't vouch for it.

> Would the Shibboleth community be interested in a publicly logged IRC
> channel? I can send in my bot if you'd like. :)

I've thought about it from time to time, but I don't really have time to monitor an IRC channel. I don't know if any other project participants might want one.

> I have OAuth and OpenID accounts to play around with but I've never
> actually used a Shibboleth account before.

There's really no such thing, see above.

> I'm aware of
> http://testshib.org and I'm using it to test a bit, but is there a
> place where I can sign up for a free test Shibboleth account and some
> Shibboleth-enabled services I can sign in to? Just for testing... to
> get a feel for what the user experience is like, I mean.

The user experience isn't consistent because that's just not practical when you're not Google or Facebook, but the closest analogy would be something like ProtectNetwork, and you could login to, for example, the Shibboleth wiki or issue tracker with that.

The origins of Shibboleth are in the dozens of Web SSO systems built by universities since the mid-90s. I built my first one in 1997, and I copied others that came before it. That's where the user experience comes from.

-- Scott

More information about the users mailing list