The State of the Raven. Jon Warbrick University of Cambridge Computing Service

Similar documents
CIMA Asia. Interactive Timetable Live Online

Web Authentication with Shibboleth

AIMMS Function Reference - Date Time Related Identifiers

CIMA Asia. Interactive Timetable Live Online

Undergraduate Admission File

Grade 4 Mathematics Pacing Guide

CIMA Certificate BA Interactive Timetable

DATE OF BIRTH SORTING (DBSORT)

IDG Services Metrics. Kerberos Usage. Weblogin Usage. Kerberos & Webauth Services. Kerberos & Webauth Users. Authentication Metrics

Freedom of Information Act 2000 reference number RFI

Previous Intranet Initial intranet created in 2002 Created solely by Information Systems Very utilitarian i Created to permit people to access forms r

New Concept for Article 36 Networking and Management of the List

COURSE LISTING. Courses Listed. Training for Database & Technology with Modeling in SAP HANA. 20 November 2017 (12:10 GMT) Beginner.

Asks for clarification of whether a GOP must communicate to a TOP that a generator is in manual mode (no AVR) during start up or shut down.

Liberty Alliance Project

This report is based on sampled data. Jun 1 Jul 6 Aug 10 Sep 14 Oct 19 Nov 23 Dec 28 Feb 1 Mar 8 Apr 12 May 17 Ju

INFORMATION TECHNOLOGY SPREADSHEETS. Part 1

UAE PUBLIC TRAINING CALENDAR

Interim Report Technical Support for Integrated Library Systems Comparison of Open Source and Proprietary Software

Section 1.2: What is a Function? y = 4x

All King County Summary Report

CS Programming I: Arrays

ACTIVE MICROSOFT CERTIFICATIONS:

Tracking the Internet s BGP Table

San Francisco Housing Authority (SFHA) Leased Housing Programs October 2015

ACTIVE MICROSOFT CERTIFICATIONS:

2018 CALENDAR OF ACTIVITIES

FREQUENTLY ASKED QUESTIONS

For personal use only. Update Event & nearmap Solar

MISO PJM Joint and Common Market Cross Border Transmission Planning

software.sci.utah.edu (Select Visitors)

ACTIAN PRODUCTS by Platform - Vector, Vector in Hadoop as of October 18, 2017

CBERS-2. Attitude Control and its Effects on Image Geometric Correction. Follow up to TCM-06 INPE CBERS TEAM

MSRS Roadmap. As of January 15, PJM 2019

NMOSE GPCD CALCULATOR

BANGLADESH UNIVERSITY OF PROFESSIONALS ACADEMIC CALENDAR FOR MPhil AND PHD PROGRAM 2014 (4 TH BATCH) PART I (COURSE WORK)

Seattle (NWMLS Areas: 140, 380, 385, 390, 700, 701, 705, 710) Summary

Banner 9 Overview and Transition timeline August Edgar Coronel Paddy Wong

Seattle (NWMLS Areas: 140, 380, 385, 390, 700, 701, 705, 710) Summary

Withdrawal of Text Processing (Business Professional)

COURSE LISTING. Courses Listed. with SAP Hybris Marketing Cloud. 24 January 2018 (23:53 GMT) HY760 - SAP Hybris Marketing Cloud

Japan s Measures against Spam

LocatorHub Product Life Cycle Status

IPEX The next version

More Binary Search Trees AVL Trees. CS300 Data Structures (Fall 2013)

Training of BRs/NCs reviewers and experts for Biennial Update Reports technical analysis. 5 th BRs and NCs lead reviewers meeting

COUNCIL MEETINGS July 2017 to June 2018

DoD Environmental Security Technology Certification Program (ESTCP) Tim Tetreault DoD August 15, 2017

Spiegel Research 3.0 The Mobile App Story

What future changes are planned to improve the performance and reliability of the Wairarapa Connection?

Coaching emerit Certified Event Find out what level you are ready for and what you need to JHB

More BSTs & AVL Trees bstdelete

TOWN MANAGER S WEEKLY REPORT

Federated Access Management Futures

ACTIVE MICROSOFT CERTIFICATIONS:

Pushing the Limits. ADSM Symposium Sheelagh Treweek September 1999 Oxford University Computing Services 1

Infectious Diseases Media Kit. The Journal of. Advertising & Sales Contacts. Useful Information. jid.oxfordjournals.org

ASSOCIATION OF CHARTERED CERTIFIED ACCOUNTANTS

SQS Academy Stepping ahead

DAS LRS Monthly Service Report

SCI - software.sci.utah.edu (Select Visitors)

INTERTANKO Vetting seminar 24 th October 2017

Clinical Infectious Diseases

Contents:

HPE Security Data Security. HPE SecureData. Product Lifecycle Status. End of Support Dates. Date: April 20, 2017 Version:

TRIMBLE GEOSPATIAL SURVEY PRODUCTS SOFTWARE + FIRMWARE: LATEST RELEASES JAN 2018

How to Survive the Zombie Apocalypse

Obtaining and Managing IP Addresses. Xavier Le Bris IP Resource Analyst - Trainer

Seattle (NWMLS Areas: 140, 380, 385, 390, 700, 701, 705, 710) Summary

C Structures, Unions, Bit Manipulations, and Enumerations

North American Portability Management, LLC Transition Oversight Manager. TOEP Webcast November 7, 2017

SME License Order Working Group Update - Webinar #3 Call in number:

Excel Functions & Tables

BHARATI VIDYAPEETH`S INSTITUTE OF MANAGEMENT STUDIES AND RESEARCH NAVI MUMBAI ACADEMIC CALENDER JUNE MAY 2017

Annex A to the DVD-R Disc and DVD-RW Disc Patent License Agreement Essential Sony Patents relevant to DVD-RW Disc

Town of Georgetown Comprehensive Plan

A First Look at QUIC in the Wild

Countermeasures against Mobile spam

Stakeholder consultation process and online consultation platform

I.A.C. - Italian Activity Contest.

Ohio Department of Transportation. SMS Update. District Bridge Engineers. Amjad Waheed, PE. Engineering Division Office of Structural Engineering

ICT PROFESSIONAL MICROSOFT OFFICE SCHEDULE MIDRAND

COURSE LISTING. Courses Listed. Training for Cloud with SAP Cloud Platform in Development. 23 November 2017 (08:12 GMT) Beginner.

COURSE LISTING. Courses Listed. Training for Database & Technology with Development in SAP Cloud Platform. 1 December 2017 (22:41 GMT) Beginner

Characterization and Modeling of Deleted Questions on Stack Overflow

Introduction. Structures, Unions, Bit Manipulations, and Enumerations. Structure. Structure Definitions

APAN 25 Middleware Session, Hawaii Jan.24, 2008 Japanese University PKI (UPKI) Update and Shibboleth using PKI authentication

Demand Estimation Sub Committee Ad-hoc Work Plan

September Real Sector Statistics Division. Methodology

UK EPR GDA PROJECT. Name/Initials Date 30/06/2011 Name/Initials Date 30/06/2011. Resolution Plan Revision History

Multi-part functionality in PINES

2018 CERTIFICATION TRAINING SCHEDULE COURSE TARGET AUDIENCE FEE JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC

AWS-SCWI. American Welding Society Senior Certified Welding Inspector. Certification Programs for the Year 2018

Michigan Tech University Banner Finance Self-Service User Guide. Revised 1/11/17

2018 CERTIFICATION TRAINING SCHEDULE COURSE TARGET AUDIENCE FEE JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC

Digital Test. Coverage Index

MONITORING REPORT ON THE WEBSITE OF THE STATISTICAL SERVICE OF CYPRUS DECEMBER The report is issued by the.

Federated Identity Management

Aon Hewitt. Facts & Figures. March 2016 Update. Risk. Reinsurance. Human Resources. Empower Results

Budget Transfers. To initiate a budget transfer, go to FGAJVCM (Journal Voucher Mass Entry). FGAJVCM

Transcription:

The State of the Raven Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk

Corvus corax Raven photo used under the terms of the GNU Free Documentation License. Author Pcb21.

Raven Web Authentication

2002 A little history December 2002: the CS s SMT approve a proposal for a Central, password-based web authentication service Oct Nov Dec

2003 August 2003: A central web authentication system announced Jan Feb Mar Apr First talk to Webmasters May Jun Jul Aug Sep Oct Nov Dec

2004 January 2004: Initial implementation reported to be working Jan Feb Mar Apr Raven Web Authentication talk to Webmasters September 2004: Raven service launched May Jun Jul The Raven Web Authentication Service talk to Techlinks Aug Sep Oct info.raven. current.status talk to Webmasters Nov Dec

2005 October 2005: CamSIS exam entries, and CamCORS adopt Raven authentication Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec

2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec

2007 October 2007: Shibboleth IdP service launched; no new Athens accounts January 2007: Plans for a Shibboleth service announced Jan Feb Mar Apr May Jun Introducing Shibboleth talk to Techlinks Jul Aug Sep Oct Nov Dec

2008 July 2008: UK central funding for Athens service stops Jan Feb Mar Apr October 2008: Raven defaults to authenticating without asking May Jun Jul Aug Sep Oct Nov Dec

2009 March 2009: Support for Shib SPs in the University Jan Feb Mar Apr May Jun Jul Aug Sep Oct YOU ARE HERE!! The future Nov Dec

30,000 20,000 10,000 0 Jan 05 Jan 06 Jan 07 Jan 08 Jan 09 Distinct Raven users per month

600 450 300 150 0 Jan 05 Jan 06 Jan 07 Jan 08 Jan 09 Distinct web servers per month

7,500 5,000 2,500 0 Jan 08 Jan 09 Distinct Shib users per month

60 40 20 0 Jan 08 Distinct Shib SPs per month Jan 09

So, Shibboleth, remind me... The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner. http://shibboleth.internet2.edu/ (emphasis mine)

So, Shibboleth, remind me... Standards based, open source software package For web single sign-on Across or within organizational boundaries Informed authorization decisions Individual access Protected online resources Privacy-preserving

So, Shibboleth, remind me... Components Identity Providers (IdPs) Service Providers (SPs) Discovery Services (DSs)

Some use cases The University Inside Outside

E-journals

Windows IIS 7

Authorization decisions lookup X

Other people

Your own IdP X

Existing software EZproxy

So, how do I do it? Install the software Installer to Windows (for IIS or Apache) Ports-based install for MacOS Binary RPMs for SLES10 and CentOS (a.k.a. RHEL) Source RPMs and source files

So, how do I do it? (2) Customize config files (shibboleth2.xml) Start Shib daemon, (re-)start Apache Test Gives you a simple SP protecting /secure/ by requiring a Raven login

Now what? Register your SP? Configure access control Configure virtual hosts Setup SSL?

What s the catch? XML-based config files (even under Windows!) All that software SSL and certificates and stuff Need to actually understand virtual hosting An extra daemon/process Generally more complicated :-((

So how do I cope? https://wiki.csx.cam.ac.uk/raven/ Shibboleth_documentation_and_HOWTOs raven-support@ucs.cam.ac.uk cs-raven-discuss@lists.cam.ac.uk shibboleth-users@internet2.edu

So how do I cope?

The future Prediction is very hard, especially about the future. Niels Bohr

The future Shibboleth 2.0 More attributes Other protocols: OpenID, WS-*, Oauth Non-web The Identity Management Working Group

Thank you for listening There may be questions......including perhaps Why Shibboleth?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback