The Shibboleth Service Provider SSO-enables and Federation-enables web applications written with any programming language or framework. It integrates natively with popular web servers like Apache and IIS. A loosely coupled integration strategy allows you to support SAML, rich attribute-exchange, and many value-added features, often without significantly changing your application code or using proprietary interfaces.
The normal Service Provider process is:
- Intercept access to a protected resource or application entry point.
- Discover the user's choice of Identity Provider.e
- Issue a SAML authentication request to the selected Identity Provider.
- Process the SAML authentication responses and extract rich user information.
- Apply local policies and gather additional data.
- Pass rich identity information to application resources.
- Support for Apache and IIS web servers and FastCGI authorizers on a wide range of platforms, including Windows, Linux, OS X, and Solaris
- Excellent scalability in both user load and management of Identity Providers
- Support for virtualization of web servers and applications
- Works with all compliant SAML implementations
- A variety of authorization and policy-oriented features