...
| Panel |
|---|
| title | CAS and Shibboleth game |
|---|
|
| Panelinfo |
|---|
| icon | false |
|---|
| title | Yale application |
|---|
| Some application that accepts authentication of both Yale users and users that are not Yale users but are remote users – users who can authenticate to some other Shibboleth-hosting institution within the Federation. |
(redirects to, specifying on redirect URL that remote users are acceptable) |
panel | Provides local user login UI and provides some WAYF mechanism whereby non-Yale users can specify at which institution they can authenticate. |
(redirects to Handle Server of institution user selects. Let's say the user is a Rutgers student |
panel| false | | title | Rutgers Handle Server |
|---|
| Itself provides or is fronted by local authentication UI. In Rutgers' case, this is likely CAS. User authenticates to Handle Server (e.g., by authenticating to a local CAS instance and passing through the CAS Java Servlet Filter in accessing the Handle Server). |
|
panel |
The "Local Shib Authority" will do three things: translate attributes from eduPerson to local (e.g. "phone" to "phoneNumber"); filter the attributes, passing through only those that we are willing to accept; and manage the federation – what other schools do we trust?
...