Skip to content Skip to site navigation Skip to service navigation

Setting up a Stanford Service Provider using Stanford's Federated IdP (SAML2) (Lecture)

As Stanford is moving from Webauth to SAML 2.0 this lecture will help you understand what that means for you as an application/service provider.

So you need to authenticate users for your application/service on the network and you don't want to have to handle password changes and everything else that comes with managing users locally?  The Information Security Office has strongly suggested that you should use the campus single-sign on (SSO) infrastructure.

This lecture will cover the terminology of Shibboleth and the Security Assertion Markup Language (SAML) and how it is made available to campus from University IT's campus infrastructure.  It will cover the steps to configure two SAML components.  The objective is that class participants will gain the knowledge necessary to build and configure applications that leverage Stanford's single-signon infrastructure.
 
Abstract:
Topics covered in this lecture include:
- the terminology:
- Shibboleth
- Stanford Webauth
- SAML entities
- IdP, AA, SP, RP, federations
- Working with SAML metadata
- assertions
- claims
- confirming authentication and getting user attributes
- configuring Apache with mod_shib
- review of all the pieces
- overview of the registration process
- what's required in the Apache configuration and metadata files
- configuring Node.js with passport-saml
- review of all the pieces
- overview of the registration process
- what's required in the Node configuration and metadata files

Custom training workshops are available for this program

Technology training sessions structured around individual or group learning objectives. Learn more about custom training


University IT Technology Training sessions are available to a wide range of participants, including Stanford University staff, faculty, students, and employees of Stanford Hospitals & Clinics, such as Stanford Health Care, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Stanford Medicine Children's Health.

Additionally, some of these programs are open to interested individuals not affiliated with Stanford, allowing for broader community engagement and learning opportunities.