Shibboleth®
The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.
Featured News
The Shibboleth team will transition Shibboleth v1.3 from Previous Stable release to the Earlier / Unsupported category on June 30, 2010.We currently do not add new features to v1.3, nor guarantee that changes made to the current release are backwards compatible with v1.3. As of June 30, 2010, the team will no longer promise to supply security updates. We would continue to answer questions on the mailing lists about v1.3 as time and knowledge allows.
For details on the support levels, see http://shibboleth.internet2.edu/shib-which-version.html.
We believe that the transition schedule -- this change is proposed to occur 17 months from now -- builds in enough time for sites to plan and implement for this change.
News
- SECURITY ADVISORY - 19 June 2009 - Potential Access to Sensitive Information when Clustering Shibboleth 2.X IdPs
- SECURITY ADVISORY - 15 June 2009 - Shibboleth SP software on IIS vulnerable to header spoofing
- Shibboleth InstallFests, an outreach effort of the Internet2 community, have provided installation training to 232 individuals from more than 100 institutions. Read more about this ongoing effort. (Feb. 17, 2009)
- The Shibboleth Development Team is seeking comments and feedback on their plans for the next release.
- New JAVA Service Provider Implementation Based on OpenSAML 2 (Sep. 6, 2008)
The Danish Government has released free toolkits and reference implementations built on the OpenSAML 2.0 libraries developed by Internet2's Shibboleth Project. - More...
Events
