Latest Blog Posts
You joined the InCommon Federation, now what?
You have paid your InCommon membership dues, your federation admins have been vetted, and you even uploaded your IdP metadata in the InCommon Federation Manager website. Like many new members, you are probably asking yourself, "Now what?"
LDAP TLS/SSL Config for the Shibboleth IdP Explained
Many Shibboleth IdP adopters use LDAP as provide both an authentication provider and an attribute source. There is always the question of "do we need to configure TLS/SSL for the IdP's connection to the LDAP server(s)?". My response is "always" because we need to protect the user's credentials even in the most trusted network. My question back to the client, "Why do wouldn't you?". Often the response is somewhere between "we've tried and we got it to work once, but then it broke sometime" and "we could never get it to work".
Successfully Integrating a SAML Service Provider
A common task when running a SAML Identity Provider (IdP) is integrating additional SAML service providers (SP). This task is not a trivial one, especially when compared to integrating CAS clients. New IdP administrators can run into problems before they even start with the technical task at hand because they aren't given the correct information to be successful. The request to do an integration usually goes something like this:
Nov 5, 2015 - Unicon IAM Update/Briefing
On November 5th, we had a great quarterly IAM briefing. Misagh Moayyed, Jonathan (JJ) Johnson, and David Langenberg presented to me to discuss CAS, Shibboleth, and Grouper. This webinar was recorded.
July 9, 2015 - Unicon IAM Update/Briefing
On July 9th, we had a great IAM briefing. Misagh Moayyed, Jonathan (JJ) Johnson, and David Langenberg presented to us. This webinar was recorded. You can watch the recording, or just checkout the slides.
Here are some highlights:
shib-cas-authn3 supports Shib IdP v3.0
The shib-cas-authn extensions, developed as part of Unicon's Open Source Support program, is used to delegate the Shibboleth IdP's user authentication to a CAS Server. Whether the client application is a CAS client or a Shibboleth/SAML SP, the integration presents the user with a single SSO experience. Today, Unicon's IAM team released the next version of the shib-cas-authn extension.
Nov 6, 2014 - Unicon IAM Update/Briefing
Welcome to Nov 2014 IAM Briefing
Note: This webinar was recorded. Watch the recording.
During this briefing we will discuss:
Moodle's race with CAS Server
A client was testing our integration between CAS Server 3.5.2.1 and Moodle 2.6. The lead tester reported that it was often requiring two authentications attempts to login into CAS Server after being redirected there from Moodle. Interestingly enough I was rarely able to invoke the same symptom. The exact symptom is that a user sees the login page, enters their credentials, and after hitting the Login button, the user is show an empty login form. There is no error message, no pre-populated username field. Just the empty login form.
June 26th, 2014 - Unicon IAM Webinar Update
Welcome to June 2014 IAM Briefing
During this briefing we will discuss: updates on CAS, Shibboleth and Grouper; Unicon contributions to CAS, Shibboleth and Grouper; and Unicon's Open Source Support. We'll end with questions and answers.
Our presenters are Mike Grady and Misagh Moayyed. Mike works with IAM, Shibboleth, CAS, Internet2 Scalable Privacy. He worked 36 years at University of Illinois before going working for Unicon. He is Unicon’s Open Source Support for Shibboleth technical lead.