90 likes | 211 Views
Barry Johnson hbj@clemson.edu. Campuses New to Shibboleth: Attribute Delivery. Who is this guy?. 18 years with Clemson IT Director of Services Engineering Developer and Sysadmin at heart Creator of Clemson’s current WebSSO system. Overview. What are attributes?
E N D
Barry Johnsonhbj@clemson.edu Campuses New to Shibboleth: Attribute Delivery
Who is this guy? • 18 years with Clemson IT • Director of Services Engineering • Developer and Sysadmin at heart • Creator of Clemson’s current WebSSO system
Overview • What are attributes? • Use cases for asserting them. • Where do I get them? • Who gets to see them? • Challenges
What are attributes? Any information you can assert about the user: Identity Affiliation Entitlements
Use cases Authorization Curbing data source credential creep Data common to many apps
Where do I get them? Ideally from the authoritative source IDM system ERP system SIS system
Who gets to see them? Data stewards determine this Managed through ARP and AAP
Challenges / Lessons Learned Tech: Easy Policy: Not so much Start policy talks early.