Shibboleth IdP - block off-campus access

Nguyen, Linh Viet - nguyenlv nguyenlv at
Fri Apr 3 12:11:04 EDT 2020

Hi list,

We have a new service providers that is not an InCommon member. This service provider supports both "service provider" and "identity provider" initiated authentication. We want to block off campus login to this new service provide, so anybody who does not have an IP address from on-campus would not be able to log into this new service provider. We are currently running the Shibboleth identity provider 3.3.3. Does a native mechanism exist for that version or do we need to develop something custom?

We also have Jetty as part of our IdP configuration. Does Jetty provide a mechanism that could support blocking a specific (or list of) service provider(s) when the user is off-campus?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list