The Division of IT provides several methods for user authentication: Shibboleth Single Sign-On, InCommon Federated Authentication and Lightweight Directory Access Protocol (LDAP). The guidelines for each method are outlined in the Authentication Services Policy.
Each method for user authentication provided by the Division of IT has its own advantages. A brief description of each method follows:
Shibboleth IdP is the preferred method of user authentication. Shibboleth is an open source, standards-based Single Sign-On authentication service for the web. It also allows sites to make informed authorization decisions for individual access to protected resources. Shibboleth consists of two primary pieces: an Identity Provider (IdP) and a Service Provider (SP). There is one IdP system-wide for the University of Missouri, operated by the Division of IT. SPs are operated by the individual application or resource owner. SPs can be University of Missouri applications or an external third party service. An SP may also request to receive attributes describing the authenticated user.
The University of Missouri is an active participant and committed to the success of the InCommon Federation, which allows us to establish trust relationships that let University of Missouri faculty, students and staff use their University credentials with other participating organizations, such as:
LDAP is available to internal non-web applications. The preferred authentication method for web applications is Shibboleth Single Sign-On. Some applications and custom code require integration with Active Directory to provide user authentication and to query Active Directory object attributes. This can be accomplished in a variety of ways and will be dependent upon the application and/or code language invoked.
There are no fees associated with this service.
The Division of IT works with application or resource owners to setup the integration for authentication. However, departmental requests would need to come through an IT Pro.
Shibboleth Service Provider Software-Shibboleth is an open-source, free software. The Service Provider software provides Single Sign-On capabilities for web applications written in any language or framework and integrates with Apache and IIS. Shibboleth Service Provider Software Download
When the Service Provider software is installed, configured and ready to integrate with the University of Missouri System IdP, do the following:
The Division of IT recommends application owners consult the following resources for information when downloading, installing and configuring the Shibboleth Service Provider software:
For additional assistance, contact Tech Support at 573.882.5000.