Get Started

This page provides technical managers and implementers with suggestions on the process for deploying the Shibboleth software. The Info Centers on this site provide both of those groups with links to additional resources for deploying and supporting Shibboleth.

There are separate sections for Identity Provider (IdP) and Service Provider (SP) deployments. Shibboleth can be deployed using several different models.

Identity Provider

1) Pick your intended use of Shibboleth and write a brief description of what success would look like. No matter what you choose to do, get connected to the Shibboleth community first. Subscribe to shibboleth-users@internet2.edu. Don’t miss the searchable archives too.

2) Inventory what you’ll need to have in place
(Actual prerequisites depend on security requirements of the application.)

  • Organizational Single Sign-on System
    • Enterprise authentication system and method for distributing passwords securely.
  • Controlled Information Release
    • Identity information (or attribute) store. This can be a directory (most common) or database.
    • Method for provisioning the identity store from the source(s) of authority (e.g. student identity attributes moved from the student system to a directory). This is typically done using an identity management system as an intermediary, but is not required.
  • Federated Access

3) Decide on who will do the work.

  • To install Shibboleth for one of the Enterprise Web SSO options, you’ll need technical staff comfortable with:
    • Identity Management
    • Apache Web Server, Tomcat, and LDAP or Active Directory
  • Want to contract with someone else?
    With no Internet2 endorsement offered or implied, the Support page lists some commercial companies offering Shibboleth Installation and Support.

4) Get acquainted with what’s available to help

  • The Shibboleth Deployment Checklist (html pdf) will help you identify and map your local project needs in the policy, process, and technology areas during your deployment project. This document contains separate sections for each deployment option.
  • For specifics on personnel and technical resources needed, refer to case study presentations of how campuses have implemented each phase from Shibboleth CAMP 2007.
  • The Info Centers provide information and resources for IT managers and technical staff.

5) Do a "proof-of-concept" install to let the technical deploy staff learn about managing the Shibboleth software, and identify local technical issues.

6) Install the Shibboleth software, configure it, and take it to production.

Refer to the documentation on the wiki; Jira bug submission, status, and fixes; and security alerts.

Service Provider

1) Pick your intended use of Shibboleth and write a brief description of what success would look like. No matter what you choose to do, get connected to the Shibboleth community first. Subscribe to shibboleth-users@internet2.edu. Don’t miss the searchable archives too.

2) Decide on who will do the work.

  • To run just the Shibboleth Service Provider software, you’ll need technical staff comfortable with:
  • Want to contract with someone else?
    With no Internet2 endorsement offered or implied, the Support page lists some commercial companies offering Shibboleth Installation and Support.
Internet2 Home Membership Network Communities Services R&D Tools Events Newsroom About
Privacy | Site Map | Terms of Use | Contact Us     Copyright 2008 Internet 2