Texas A&M University - Infrastructure Services

When should Shibboleth be used?

There are two scenarios where applications will benefit from implementing Shibboleth:

  • Authentication
    You have users from other institutions who need to access your application. Shibboleth will allow these users to log into your application with their home institution loginID and password.
  • Authorization
    CAS, the campus Single SignOn service, returns a user's NetID and UIN when they log into a application. Some applications need more information about the user to determine whether or not that person is authorized to access/use the resource.

    For example, if an application is supposed to be used only by students, Shibboleth can be set up to return data that provides this information.

More about Shibboleth and . . .

Authentication

To ensure that other institutions follow account management procedures on par with Texas A&M University, inter-institutional authentication is possible only with universities who belong to federations Texas A&M has joined. Because of this, inter-institutional authentication is commonly referred to as 'federated authentication'.

To take advantage of federated authentication, the application (service provider) must register with the federation to which Texas A&M and the other institution(s) belong.

Federations of which Texas A&M University is a member can be found on the TAMU Federations page.

Authorization

Shibboleth is able to customize the data returned to a campus application. For more information on the data available to campus applications, please visit the Attributes page.