« The Ever-So-Cryptic Nuclear Missle Launch Code | Main | Building a Fort in the Living Room »

August 25, 2004

Shibboleth Demo a Success

Over the past two days I've madly worked to get ready for a demo of Shibboleth-based authentication for our site. Although there is some interest in using Shibboleth, it never stays long on the top of the priority list which slows progress considerably.

The bulk of the time I spent compiling and recompiling Apache to try to get the Shibboleth authentication module to work alongside our own authentication module. Around 6:30pm I gave up on creating one Apache process that could do handle both types of authentication and built a separate, stripped-down Apache and wrote a Perl script to do what I needed. Once I embraced putting shib auth into a separate Apache process the development went quite quickly.

Shibboleth protects the Perl script, so once the authentication has happened and the assertion is available from the identity provider the Perl script pickes that up, provisions an account, creates a cookie, and forwards the user to the requested page. The major goal of Shibboleth is accomplished, the user doesn't have to give us information to authenticate but can access content in the system.

The demo was to a small group; the team members, my boss and my bosses boss. A lot of good conversation generated and the go-ahead to initiate communication with some potential schools to offer some sets of our content.

Posted by mike at August 25, 2004 2:03 PM