If you know your way around Apache and have a decent knowledge of Java
then it might be possible! What sort of Institutional Idenity Management
Architecture have you in place at present?
Malcolm.
---
Dr Malcolm Murray
Learning Technologies Team Leader
IT Service
Durham University
-----Original Message-----
From: Blackboard/Courseinfo userslist
[mailto:[log in to unmask]] On Behalf Of Frost N.J.
Sent: Monday, December 17, 2007 3:23 PM
To: [log in to unmask]
Subject: Re: Shibboleth with Blackboard
Malcolm,
Thanks very much for the quick reply - though I'm a bit worried by the
sound of 'in theory' and 'after a fight'!
How feasible do you think it is to get this running, with a custom
authentication class, in a production environment within a couple of
months?
Regards,
Nigel
-----Original Message-----
From: Blackboard/Courseinfo userslist
[mailto:[log in to unmask]] On Behalf Of MURRAY M.R.
Sent: 17 December 2007 14:45
To: [log in to unmask]
Subject: Re: Shibboleth with Blackboard
Hi Nigel,
In theory it is possible to do this.
You can get Bb to work with Shibboleth after a fight using "simple" web
server delegation, but this is an all or nothing activity.
To get the choice of AD or Shibb, then you will need to write a custom
authentication class that offers the user the choice. Alternatively (or
possibly additionally) you could look to switching to something like CAS
to handle your authentication. This can be used as the WebISO required
by Shibb (e.g. in place of something like PubCookie, which we used). CAS
can "chain" authentication authorities, which is what you want to do.
Cheers,
Malcolm.
---
Dr Malcolm Murray
Learning Technologies Team Leader
IT Service
Durham University
-----Original Message-----
From: Blackboard/Courseinfo userslist
[mailto:[log in to unmask]] On Behalf Of Frost N.J.
Sent: Monday, December 17, 2007 2:26 PM
To: [log in to unmask]
Subject: Shibboleth with Blackboard
Hi,
I'm just starting on a project to implement Shibboleth authentication
for Blackboard, specifically for students from another institution.
I've got a bit of learning to do on the Shibboleth side, but there is
one question that particularly concerns me...
Is it possible to maintain the current LDAP/AD authentication for
internal students, while at the same time providing Shibboleth WAYF for
a few external students?
If we have to move all access to Shibboleth, that will massively
increase the scope of the project. Is it feasible to simply provide a
different URL for the Shibboleth route?
Has anyone had any experience of this?
Regards,
Nigel
________________________________
Nigel Frost
Project Manager
Information Systems Services
University of Southampton
SOUTHAMPTON SO17 1BJ
email: [log in to unmask]
phone: 023 8059 8826 (ext 28826)
________________________________
|