Breakout Session Details - Session 3


  • eduID, Branding and Design
The problems of the user experience for federated access management are well documented, but are also be tackled on many levels.  This session will focus on the eduiD project, and its links to the Kantara ULX work, the developments being undertaken by the Shibboleth Core Team to improve the discovery process and the work being undertaken by JANET(UK) to improve the UK federation WAYF and to provide a portal solution for WAYFless discovery.  

Download Rod Widdowson's slides on the Shibboleth Discovery Service here

Download France's Burton's slides on WAYF development here.

Download Geoff Curtis slides here.


  • Institutional Service Providers
While most academic Federation members have deployed Identity Provider software in order to access external resources, not so many have deployed the Service Provider software locally to protect internal web applications.  Yet the Shibboleth Service Provider is a simple,  quick and easy way of providing authentication and authorisation to web applications to replace standard LDAP with many additional benefits.  This presentation looks at the mechanism for deploying and configuring the  SP to protect a local web server, thereby bringing it into the Single Sign On domain with the benefit of the standardised login interface that the users are already familiar with and also the possibility of "federating" the application to allow users from other sites to access it.   The presentation also shows how directory attributes can be manipulated and passed out to the Service Provider to be consumed by web applications. 

Download the presentation here.

  • Access Management for a Collegiate University
The University of Oxford comprises more than forty self-governing colleges and halls, together with over seventy departments. The University is a federated institution with an explicit commitment to the principle of subsidiarity – that decisions should be taken at the lowest level appropriate. IT solutions provided by the Computing services and other central IT providers aim to fit the devolved nature of the University, not operate against it. This principle applies in particular to identity and access management services. This session will provide a strategic overview of how access management services, including Shibboleth, are provided to the University, enabling secure authentication and authorisation to IT applications provided by both central IT providers and also departments and colleges. The session will include a discussion of the overall technical architecture for IAM and the core technologies and protocols supported.


  • Parental Engagement
  • Integrated Portal Solutions