Shibboleth®

The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

For details on the support levels, see http://shibboleth.internet2.edu/shib-which-version.html.

• SECURITY ADVISORY - 4 Nov 2009 - Shibboleth IdP and SP software improperly handles malformed URLs
• Emerging Technologies in Higher Education: Big School Solutions to Small School Problems [Archive] ,
  John O'Keefe, Lafayette College, 2 Oct 2009
• SECURITY ADVISORY - 26 Aug 2009 - Shibboleth SP software improperly handles malformed URLs
• SECURITY ADVISORY - 17 Aug 2009 - Shibboleth SP software handles certificate names and KeyDescriptors improperly
• Video: Shibboleth Webinar with Nate Klingenstein (55:15)
  Courtesy Unicon, May 28, 2009
• SECURITY ADVISORY - 19 June 2009 - Potential Access to Sensitive Information when Clustering Shibboleth 2.X IdPs
• SECURITY ADVISORY - 15 June 2009 - Shibboleth SP software on IIS vulnerable to header spoofing
• Shibboleth InstallFests, an outreach effort of the Internet2 community, have provided installation training to 232 individuals from more than 100 institutions. Read more about this ongoing effort. (Feb. 17, 2009)
• The Shibboleth Development Team is seeking comments and feedback on their plans for the next release.
• New JAVA Service Provider Implementation Based on OpenSAML 2 (Sep. 6, 2008)
  The Danish Government has released free toolkits and reference implementations built on the OpenSAML 2.0 libraries developed by Internet2's Shibboleth Project.
• More...

• Past Events...