IAM, Enterprise Directories and Shibboleth (oh my!)

Wednesday, May 13, 2009
PDF icon iam-shib-eds.pdf2.97 MB


  • June Meeting - UIS Transition to Mosaic; Rachel Serrano (presenting) would like to know prior to the meeting if there any specific questions. Please email them to Cheri Darling or UA Web Dev leadership.
  • There are two leadership positions that will expire in June: Chair and Secretary. We will vote at the meeting next month so please send your nominations (or volunteer yourself) to the leadership team at UAWEB-LEADERSHIP@LISTSERV.ARIZONA.EDU.

Presentation: IAM, Enterprise Directories and Shibboleth (oh my!)
Presenter: Gary Windham, Senior Enterprise Systems Architect, UITS



Question: Are retirees in EDS?
Answer: No, but the scope of EDS may include retirees and alumni at some point.

Question: Is this the same LDAP server that's always been around?
Answer: It's not the NetID server, no.

Question: Can we use this for authentication?
Answer: No, it's for authorization.

Question: What is Shib-persistent-id?
Answer: A unique identifier which does not have personally identifiable information.

Question: Are lazy sessions appropriate for web application frameworks like Ruby on Rails?
Answer: Yes.

Question: Does Shibboleth/EDS take the place of UIS?
Answer: It can.

Question: If we need course information, do we need to wait for Groups?
Answer: Yes.

Question: When is WebAuth being turned off?
Answer: It's not. WebAuth works with Shibboleth.

Question: Does W4 have Shibboleth installed?
Answer: Unsure. Ask Todd Merritt.
Update: As of 5/14 it has been installed on W4.