Active Directory Federation Services
  Cross-Platform Interoperability
   Windows Live@Edu – ADFS/Shibboleth
Agenda
    Introduction
        Project Background
        Missouri, Oxford & Microsoft
    Things we’ll cover:
        Overview of Technologies
        ADFS/Shibboleth Interoperability Demos
Project Background
    Based on OCG White Paper:
        Achieving interoperability between Active Directory Federation Services (ADFS) and Shibboleth
    Demonstrate interoperability between ADFS and Shibboleth System 1.3c Release
        Using ADFS plug-in for SAML 1.1 Identity and Service Providers
        Support for WS-Federation Passive Requestor Interoperability Profile
        Demonstrate interoperability with sample applications
         - Microsoft Office SharePoint Server 2007 and Windows Live IDs
Technology Overview
    Shibboleth
        Standards-based, Open Source Middleware Software
        Project of Internet2/MACE (Middleware Architecture Committee for Education)
        Internet2 – U.S. Advanced Networking Consortium led by the education and research community (universities, partners, laboratories, government agencies, etc.)
            URL: http://shibboleth.internet2.edu/about.html
    Implements the OASIS SAML v1.1 specification
        December 2005 - Extension for ADFS support is developed
        Implemented in Shibboleth versions 1.3.c and later
        Platforms include: UNIX (Solaris, etc.), Linux (Fedora, Ubuntu, etc.), Mac OS-X
Show of Hands
    How many schools have a websso?
        How many use CAS?
        Pubcookie?
        Something else?
    How many have a Shibboleth?
    How many have ADFS?
    How many run a websso & Shib or ADFS?
    Does anyone run both ADFS & Shib?
Project Credits
    Project Sponsors
        Walter Harp, Microsoft Corporation
        John DuBois, Microsoft Corporation
    Credits and Contributions
        Ryan Woodsmall, University of Missouri
        Brian Dourty, University of Missouri
        Edward D. McKinzie, University of Missouri
        Bryan W. Roesslet, University of Missouri
        Randy Wiemer, University of Missouri
        Chris Calderon, Oxford Computer Group
        Jim Muir, Oxford Computer Group
Technology Overview
    Active Directory Federation Services (ADFS)
        First introduced in Windows Server 2003 R2 to provide “Identity Federation”
            Projecting user identity from a single logon…
            Providing single identity based entitlements…
            Connecting islands (across security, organizational or platform boundaries)
            Result: Web single sign-on & simplified identity management
    Web Services and WS-* Security Standards
        Specifically implementing the WS-Federation and WS-Federation Passive Requestor Profile specifications
Language Translation
Demonstration Overview
Establishing Federated Interoperability between ADFS (Relying Party) and Shibboleth (Identity Provider)
    Demonstration 1: Shib.org User will access Sample Claims-App that will display the set of claims associated with that user.
    Demonstration 2: Shib.org User will access MOSS 2007 Extranet Portal.
Configuration Details
    ADFS Configuration Policy Requirements
        Federation Service URI – This uniquely identifies a federated partner.
        Federation Service endpoint URL – The URL to which partner organizations send requests and responses.
        Token Signing Certificate – The Relying Party requires a signing certificate that is used by the Identity Providers to digitally sign message exchanges.
        ADFS Management Console – This is the primary management console for administrative management of Account Partners (Identity Providers).
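
An added example, not part of the original deck: how an identity provider could check an incoming WS-Federation passive sign-in request against the Federation Service URI and endpoint URL registered for a partner. The realm URI, host names and the rule that a wreply must equal the registered endpoint are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed trust policy (placeholder values, not from the slides):
# Federation Service URI -> Federation Service endpoint URL of that partner.
TRUSTED_PARTNERS = {
    "urn:federation:rp-example": "https://adfs.rp.example/adfs/ls/",
}


def check_signin_request(url, partners=TRUSTED_PARTNERS):
    """Validate a WS-Federation passive sign-in request.

    Returns (reply_url, problems). reply_url is the registered endpoint the
    signed token may be posted to, or None if any check failed.
    """
    problems = []
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)

    def single(name):
        # Repeated parameters are ambiguous: two components may read
        # different copies, so a duplicate is treated as an error.
        values = query.get(name, [])
        if len(values) > 1:
            problems.append(f"{name} appears {len(values)} times")
        return values[0] if values else None

    # wa selects the action; sign-in requests carry wsignin1.0.
    wa = single("wa")
    if wa != "wsignin1.0":
        problems.append(f"wa is {wa!r}, expected 'wsignin1.0'")

    # wtrealm carries the requesting partner's Federation Service URI.
    realm = single("wtrealm")
    endpoint = None
    if not realm:
        problems.append("wtrealm is missing")
    elif realm not in partners:
        problems.append(f"wtrealm {realm!r} is not a configured partner")
    else:
        endpoint = partners[realm]
        if urlsplit(endpoint).scheme != "https":
            problems.append("registered endpoint is not https")

    # Assumed policy: the token only ever goes to the registered endpoint,
    # so a wreply that names any other URL fails the request.
    wreply = single("wreply")
    if endpoint is not None and wreply is not None and wreply != endpoint:
        problems.append("wreply differs from the registered endpoint URL")

    return (endpoint if not problems else None), problems
```

The reply address always comes from the trust policy, never from the request, so a token signed for one partner cannot be delivered to a URL the policy does not list.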
Configuration Details
    Shibboleth Configuration Requirements
    XML Metadata - Trust Policy Configuration
        idp.xml – (The main configuration file for the identity provider.)
            Configures the Shibboleth ADFS extension
            Provides key information for relying parties
            Adds reference mapping support for identity claims (i.e. MS UPNs)
            Adds the XML attribute namespace=http://schema.xmlsoap.org/claims to attribute definitions in resolver.xml for any attributes that should be sent to ADFS providers.
        resolver.xml – (Attribute extraction)
            Defines the connection to attribute store
        arp.site.xml – (Attribute release policy)
            Defines which attributes are available to relying parties
            Controls (Permits/Denies) attribute release rules
Demonstration Overview
Windows Live ID/Passport Interoperability
    Demonstration 3: Shib.org User accesses Windows Live@edu by passing WLID through claims to generate SLT. The Identity Provider (IdP) acts as the Windows Live Account Store.
Configuration Details
    Windows Live ID Interoperability
        WLIDs (Short-lived Tokens) – Can be used to further extend SSO into Web Applications.
        Benefits:
            Windows Live ID users can access resources typically available only to AD accounts (SharePoint Sites, etc.)
            Applications do not need to implement any Windows Live ID code
            Single Account Management (instead of AD and Windows Live)
Summary
    Successfully demonstrated the interoperability between ADFS and Shibboleth:
        Straightforward configurations
            No special software or customization required by either party.
            Language Translation (Understanding component relations of each technology)
        Lessons learned
            Federating with Windows Live IDs
            Microsoft Office SharePoint Server 2007 Compatibility

Adfs Shib Interop Um Oxford

  • 1. Active Directory Federation Services Cross-Platform Interoperability Windows Live@Edu – ADFS/Shibboleth
  • 2. Agenda. Introduction: Project Background; Missouri, Oxford & Microsoft. Things we’ll cover: Overview of Technologies; ADFS/Shibboleth Interoperability Demos.
  • 3. Project Background. Based on OCG White Paper: Achieving interoperability between Active Directory Federation Services (ADFS) and Shibboleth. Demonstrate interoperability between ADFS and Shibboleth System 1.3c Release: Using ADFS plug-in for SAML 1.1 Identity and Service Providers; Support for WS-Federation Passive Requestor Interoperability Profile; Demonstrate interoperability with sample applications (Microsoft Office SharePoint Server 2007 and Windows Live IDs).
  • 4. Technology Overview. Shibboleth: Standards-based, Open Source Middleware Software; Project of Internet2/MACE (Middleware Architecture Committee for Education); Internet2 – U.S. Advanced Networking Consortium led by the education and research community (universities, partners, laboratories, government agencies, etc.); URL: http://shibboleth.internet2.edu/about.html. Implements the OASIS SAML v1.1 specification: December 2005 - Extension for ADFS support is developed; Implemented in Shibboleth versions 1.3.c and later; Platforms include: UNIX (Solaris, etc.), Linux (Fedora, Ubuntu, etc.), Mac OS-X.
  • 5. Show of Hands. How many schools have a websso? How many use CAS? Pubcookie? Something else? How many have a Shibboleth? How many have ADFS? How many run a websso & Shib or ADFS? Does anyone run both ADFS & Shib?
  • 6. Project Credits. Project Sponsors: Walter Harp, Microsoft Corporation; John DuBois, Microsoft Corporation. Credits and Contributions: Ryan Woodsmall, University of Missouri; Brian Dourty, University of Missouri; Edward D. McKinzie, University of Missouri; Bryan W. Roesslet, University of Missouri; Randy Wiemer, University of Missouri; Chris Calderon, Oxford Computer Group; Jim Muir, Oxford Computer Group.
  • 7. Technology Overview. Active Directory Federation Services (ADFS): First introduced in Windows Server 2003 R2 to provide “Identity Federation”; Projecting user identity from a single logon…; Providing single identity based entitlements…; Connecting islands (across security, organizational or platform boundaries); Result: Web single sign-on & simplified identity management. Web Services and WS-* Security Standards: Specifically implementing the WS-Federation and WS-Federation Passive Requestor Profile specifications.
  • 9. Demonstration Overview. Establishing Federated Interoperability between ADFS (Relying Party) and Shibboleth (Identity Provider). Demonstration 2: Shib.org User will access MOSS 2007 Extranet Portal. Demonstration 1: Shib.org User will access Sample Claims-App that will display the set of claims associated with that user.
  • 10. Configuration Details. ADFS Configuration Policy Requirements: Federation Service URI – This uniquely identifies a federated partner; Federation Service endpoint URL – The URL that partner organizations use to send requests and responses; Token Signing Certificate – Relying Party requires a signing certificate that is used by the Identity Providers to digitally sign message exchanges; ADFS Management Console - This is the primary management console for administrative management of Account Partners (Identity Providers).
  • 11. Configuration Details. Shibboleth Configuration Requirements: XML Metadata - Trust Policy Configuration. idp.xml (the main configuration file for the identity provider): Configures the Shibboleth ADFS extension; Provides key information for relying parties; Adds reference mapping support for identity claims (i.e. MS UPNs); Adds the XML attribute namespace=http://schema.xmlsoap.org/claims to attribute definitions in resolver.xml for any attributes that should be sent to ADFS providers. resolver.xml (attribute extraction): Defines the connection to attribute store. arp.site.xml (attribute release policy): Defines which attributes are available to relying parties; Controls (Permits/Denies) attribute release rules.
  • 12. Demonstration Overview. Windows Live ID/Passport Interoperability. Demonstration 3: Shib.org User accesses Windows Live@edu by passing WLID through claims to generate SLT. The Identity Provider (IdP) acts as the Windows Live Account Store.
  • 13. Configuration Details. Windows Live ID Interoperability: WLIDs (Short-lived Tokens) – Can be used to further extend SSO into Web Applications. Benefits: Windows Live ID users can access resources typically available only for AD accounts (SharePoint Sites, etc.); Applications do not need to implement any Windows Live ID code; Single Account Management (instead of AD and Windows Live).
  • 14. Summary. Successfully demonstrated the interoperability between ADFS and Shibboleth: Straightforward configurations; No special software or customization required by either party; Language Translation (Understanding component relations of each technology). Lessons learned: Federating with Windows Live IDs; Microsoft Office SharePoint Server 2007 Compatibility.

Editor's notes

  1. Walk audience through demonstration 3. Windows Live IDs will be populated as a claim by the IdP. This claim is then transformed to generate a short-lived token and redirected to Windows Live mail.
  2. Walk audience through demonstrations 1 and 2. Demo 1: Show attribute extraction using Sample Claims-Aware Application. Demo 2: Show compatibility with MOSS 2007.