The Shibboleth initiative is developing an open, standards-based solution to meet the needs for organizations to exchange information about their users in a secure, privacy-preserving manner. This topic provides a brief overview of Shibboleth and explains how it is installed on Blackboard Learn.
Shibboleth is a single sign-on system that authenticates visitors to a website by accessing information stored on the user’s security domain. This permits users to access controlled information securely from anywhere without additional passwords or needlessly compromising privacy. For example, if a student is taking classes at two universities, and both schools use Shibboleth, the student may have a single username and password to access information at both universities’ websites.
Shibboleth is fully supported as a custom authentication option for Blackboard Learn on Linux/Solaris operating systems. Because of the experimental nature of the underlying Shibboleth technologies and limited operational expertise available for Shibboleth, Blackboard recommends that customers consider running a restricted pilot implementation on a test or development server before making this feature generally available on their systems.
Before you configure the Shibboleth server, you first must create Blackboard Learn users using the same user ID that will be passed back to Blackboard Learn using the REMOTE_USER environment variable.
Blackboard Learn's Shibboleth integration allows the Shibboleth Identity Provider (IdP) to be used for initial authentication while leaving Blackboard Learn in charge of session management. The advantages include:
- Only pages that actually require authorization are sent over to Shibboleth for authentication. Guest access continues to work properly.
- Using multiple authentication types on the Blackboard Learn server.
To accomplish this, Shibboleth provides a single URL deep within Blackboard Learn that users are redirected to when authentication is needed. This URL is the only one that Shibboleth restricts access to.
Installation of Shibboleth Authentication Integration with Blackboard Learn requires that you have a functional Shibboleth installation. To install your Shibboleth Integration, follow the steps described in the Install and Upgrade Optional - Setup or Update Shibboleth topic.