Over time, Stanford is switching from its homegrown WebAuth to the SAML 2.0 standard for web authentication. For Stanford servers and applications using WebAuth to authenticate users, this will involve a WebAuth to Shibboleth migration. If you manage such resources, you will be able to find project plans and links to technical documentation on this page.
- Take inventory of your current WebAuth application(s).
The following information will be required for the migration:
- Application name, URL, business owner, application owner, technical lead, group email
- List of attributes used by the application, or current keytab principle
- Join the mailing list firstname.lastname@example.org.
- WebAuth to SAML/Shibboleth Service Provider (SP) Migration (Sunet ID and password required)
Identity & Access Management (IAM) Project Roadmap & Timeline
|Milestone (All Running in Cloud)||Completion|
|Stop issuing new WebAuth-enabled sites (application keytabs)||March 31, 2017|
|KDC & IdP UAT in Cloud (replica)||May 31, 2017|
|50% of UIT Applications on SAML||May 31, 2017|
|LDAP UAT in Cloud (replica)||Summer 2017|
|SAML Single Sign-on (SSO) no longer depends on legacy infrastructure
Note: No impact to current WebAuth-enabled applications.
|Support for Stanford WebAuth Ends||Summer 2018|