I am enrolled in Masters program at NC State and they use Shibboleth. Also
Post by John O'ConnorHello Everyone,
I was wondering if anyone knew what universities or university systems in
the US were using Shibboleth for their SSO solution. The UNC system is
interested in peer institutions using Shibboleth. If your university is
using it, please respond letting me know what university and how
wide-spread use is on campus.
Thank you very much for your help.
David Bantz and Steven Carmody replied with some links and information.
The key thing to recognize is that it can be difficult from any of those to
tell if campuses are using Shibboleth/SAML as "THE campus SSO", or as "the
SSO for cloud/external services, and something else is being used for SSO
- campuses where Shib/SAML is THE SSO - Carnegie Mellon, University of
Chicago, Ohio State, ....
(The first two one can sort of see from the page Steven Carmody linked
to, by seeing the number of SPs registered for the campus. Ohio State has a
"local federation" for their SPs, so you can't tell from the InCommon stats
that it is the key SSO for Ohio State.)
- systems where InCommon and Shib/SAML are leveraged for both
external/cloud services and services where multiple campuses in the system
share those services. University of Texas System, University of California
System, University of Wisconsin System are at least three examples that
seem to fit this pattern.
- campuses where Shib/SAML serves both a cloud/external and
internal/intra- campus SSO role, and which is used may come down to
convenience/ease of integration, past history, or just whether the service
needs to accommodate any "external people". The University of Illinois
System, Alaska, and other institutions seem to fit this pattern.
- campuses where Shib/SAML use is pretty much limited to cloud/external
services, and there is a different campus SSO which pretty much covers all
internal services. Frequently, in this case, the Shib IdP is "layered" over
that "campus SSO", and that SSO is CAS, or Pubcookie, or something else.
The University of Utah and University of Washington are jut two examples
that come to mind. (This pattern may not be worth distinguishing from the
preceding one, it just seems the commitment of some institutions to another
underlying SSO is "stronger" in some cases than others. Perhaps it is just
the commitment of having the Shib IdP itself use that "other campus SSO"
which is the distinguishing factor.)
There is a lot of overlap in the above patterns, this was just one attempt
to delineate what feel like some key variations in usage/role of Shib/SAML
on campuses.
--
Michael A. Grady
Senior IAM Consultant, Unicon, Inc.
--
To unsubscribe from this list send an email to