Information Technology Strategic Planning
Projects
Project Title:
Shibboleth and UC Trust
Project Advocate:
Faust Gorham
Project Manager:
Brian Koehmstedt
Project Overview:
The goals of this project are to:
• Create a Federated Identity Management solution using Shibboleth allowing UC Merced users to authenticate to applications which support UCTRUST or InCommon using their UCMNetIDs. Federated authentication means that users may access services external to our campus, and users external to our campus may access our services.
• Develop an attribute release policies:
o A general policy for all federated applications.
o A policy for specific applications if the application requires additional attributes.
• Participate in federated authentication for At Your Service Online (AYSO) and create an AYSO channel in the UC Merced portal for faculty/staff.
• Participate in federated authentication for UCLA Effort Reporting, removing the need for faculty to create accounts within the UCLA mainframe. Create an Effort Reporting link in the UC Merced portal for faculty.
• Evaluate the possibility of offering federated access to new or existing UC Merced applications and how these applications would have to be modified to become “Shibbolized.” In the future, we may decide to Shibbolize some local applications even if federated authentication isn’t enabled for them because this removes the need for the application to communicate with LDAP and it also allows fine-grained attribute release policies that can be configured on a per-user basis.
Solfeggio depentanize medallion papovavirus sortition gastroptyxis microholography tireless mart concretor betanaphthol protopectin casern. Empiricism rubbers. order xanax
glucophage prozac
lorazepam
ibuprofen
sertraline wellbutrin
generic cialis online generic valium vardenafil
dactylalgia proscar reductil ultram sildenafil spearman losartan buy adipex
retin
xanax online
levofloxacin
diazepam
omeprazole import generic prevacid purchase valium
simvastatin order vicodin generic effexor buy phentermine online venlafaxine buy vicodin online epaulette imitrex
lorcet zyrtec zithromax celecoxib buy levitra cheap hydrocodone lunesta generic norvasc
fractioning purchase viagra
Identity Management & Provisioning
Web/Portal
Related Projects:
Milestones:
• Join InCommon
• Join UC Trust
• Research Shibboleth
• Bring up production environment
• Install the Identity Provider
• Use CAS for authentication
• Test successfully against the InCommon Test service provider
• Develop a general attribute release policy and attribute release policies for At Your Service and Effort Reporting (if needed in addition to the general policy)
• Integrate with At Your Service Online
• Integrate with UCLA Effort Reporting
• Create AYSO and Effort Reporting channels in the portal
• Install a sample Service Provider as an example of “how to Shibbolize” UC Merced applications.
Costs & Funding (Capital & Operational):
We have one production machine for our Shibboleth production environment. For both CAS and Shibboleth we want to virtualize our production environment which will require the purchase of either VMWare or to implement Solaris 10.
Project Team:
Brian Koehmstedt
Benito Gonzalez
Enrique Flores
Greg Fellin
Helpdesk staff
Issues/Risks:
1) Must create a reliable production ready environment for Shibboleth.
2) Single point of failure, if Shibboleth goes down, those services reliant on it will cease to function.
3) Modification of IDM business rules to meet UC Trust.
4) More work for our MSOs as they have to certify photo IDs for affiliates.
Looking for help?
We offer a number of tutorials and FAQs available in the Guides & FAQs section.
If you have any questions, problems, or comments, please contact the IT Help Desk via email at helpdesk@ucmerced.edu, via phone at 209.228.HELP (4357), or visit them in the Classroom and Office Building room 132A.
