FederationProtocol

From REFEDs

Jump to: navigation, search

Federations

Contents

Federation ACOnet Identity Federation (.at)

Protocol
OpenID relations

OpenID is dead. We'll have to see what becomes of OpenID Connect.

Implementations
  • Mostly Shibboleth 2.x
  • Few SimpleSAMLphp
  • 1 MS-ADFS
  • Whatever commercial implementations e-resource (library) providers are using
Metadata

--Peter.schober@univie.ac.at 20:53, 25 March 2014 (UTC)

Federation AAF (.au)

Protocol
  • SAML2.0
  • SAML1.1/Shibboleth (for older SPs only)
OpenID relations

The federation does not currently provide a gateway to OpenID The federation does not currently provide a gateway from OpenID

Implementations
  • 100% of IdPs are Shibboleth 2.x
  • Majority of SPs are Shibboleth 2.x, the remainder are a mix of SimpleSAMLPHP and Shibboleth 1.3.x

All new IdPs and SPs are deploying SAML2 compliant software.

Metadata

Two versions of Metadata are provided,

Details of each are available at Two versions of the AAF Metadata available

--enquiries@aaf.edu.au 05 Feburary 2013

Federation CAFe (.br)

Protocol
Which protocol(s) is/are used for federating identities? 
for instance, SAML1.1/Shibboleth, SAML2.0, Liberty ID-FF 1.2
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
What implementation(s) of the protocol is/are used in the IDPs and SPs?
Metadata
Add here the link to your metadata. //link/to/federation/metadata

--Mikael.Linden@csc.fi 06:47, 22 October 2010 (UTC)

Federation CAF (.ca)

Protocol
  • SAML 2.0
  • SAML 1.1/Shibboleth
OpenID relations

No current services. Future interoperability with OpenID, OAUTH, UMA, etc under consideration.

Implementations

Shibboleth 2

Metadata

https://caf-shibops.ca/CoreServices/index.shtml

Federation SWITCHaai (.ch)

Protocol
OpenID relations

See the statement on Digital Identities, SWITCHaai and OpenID

Implementations

04/2012: All IdPs use Shibboleth 2.x and 98% of SPs support SAML2, most of them using Shibboleth 2.x

Metadata

Metadata web page

--Thomas.lenggenhager@switch.ch 14:00, 15 March 2013 (UTC)

Federation COFRE (.cl)

Protocol
Which protocol(s) is/are used for federating identities? 
for instance, SAML1.1/Shibboleth, SAML2.0, Liberty ID-FF 1.2
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
What implementation(s) of the protocol is/are used in the IDPs and SPs?
Metadata
Add here the link to your metadata. //link/to/federation/metadata

--Brook Schofield 13:37, 30 July 2012 (UTC)

Federation CARSI (.cn)

Protocol
Shibboleth 2.0 (within China)
Shibboleth 2.0/1.3 (to connect SPs from outside of China)
OpenID relations
None.
Implementations
Shibboleth 2.x in China.
Metadata
http://www.carsi.edu.cn/carsimetadata/carsifed-metadata.xml 

--lvjie@pku.edu.cn 07:00, 24 August 2011 (UTC)

Federation eduID.cz (.cz)

Protocol
* SAML2.0, SAML1.1
OpenID relations
The federation does not relate to OpenID at the moment.
Implementations
 IdPs use Shibboleth 2.x or SimpleSAMLphp, 95% of SPs support SAML2 using Shibboleth, SimpleSAMLphp or OpenAthens.
Metadata
See metadata section at technical overview.

--jpavlik@cesnet.cz 22:59, 7 April 2013 (UTC)

Federation DFN-AAI (.de)

Protocol

Shibboleth 1.3, Shibboleth 2.x

OpenID relations
How does the federation relate to OpenID?   OpenID is currently not supported
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations

Shibboleth 1.3, Shibboleth 2.x

Metadata

https://www.aai.dfn.de/fileadmin/metadata/DFN-AAI-metadata.xml
https://www.aai.dfn.de/fileadmin/metadata/DFN-AAI-Basic-metadata.xml
(according to Degree of Reliance)

--pempe@dfn.de 10:18, 17 March 2013 (UTC)
--jrau@dfn.de 23 November 2009

Federation WAYF (.dk)

Protocol

SP: SAML2/ SAML1.1 (Shibboleth) - IdP: SAML2/CAS/CAS+LDAP

OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?

WAYF as of now does not support OpenID.

Implementations

SimpleSAMLphp

Metadata

http://wayf.dk/wayfweb/metadata.html (-> www.wayf.dk ->Help-menu -> metadata)

--Jacob-Steen Madsen 13. September 2010

Federation TAAT (.ee)

Protocol
Which protocol(s) is/are used for federating identities? 
for instance, SAML1.1/Shibboleth, SAML2.0, Liberty ID-FF 1.2
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
What implementation(s) of the protocol is/are used in the IDPs and SPs?
Metadata
Add here the link to your metadata. //link/to/federation/metadata

--Mikael.Linden@csc.fi 14:08, 13 June 2012 (UTC)

Federation SIR (.es)

Protocol
  • PAPI 1
  • SAML 1.1 - Shibboleth 1.3 profile
  • SAML 2.0
  • OpenID 1 & 2
  • OAuth 2 Assertion Profile
  • Proprietary: MSDNAA, Wiley's TPS, Microsoft Live@edu, AppleStore
OpenID relations
Implementations
  • PAPI 1.4.x & 1.5.x
  • simpleSAMLphp 1.4
  • PAPOID
  • OAuth2lib + SIROPE
Metadata

http://www.rediris.es/sir/metadata.html

--Jaime.perez@rediris.es 15:54, 29 February 2012 (UTC)

Federation Haka (.fi)

Protocol
  • SAML 2.0. The step-by-step migration to SAML2.0 is over.
  • the federation has a SAML2 profile based on saml2int.org v0.2([1])
OpenID relations

None. Some institutions have interest in a social-to-SAML gateway

Implementations
  • mostly the Shibboleth ver 2.0 implementation. Also two other SAML2 IdPs and SPs (OpenSSO, Ubisecure SSO/Trust).
  • no SAML1.1/Shibboleth IdPs and SPs left
Metadata

--Mikael.Linden@csc.fi 14:17, 15 November 2013 (UTC)

Fédération Éducation Recherche (.fr)

Protocol

SAML 1.1 and SAML 2.0 See the technical framework https://services.renater.fr/federation/en/technical-framework#standards_used_in_the_federation

OpenID relations
No relations, studies, no use case.
Implementations

Shibboleth 1.3 : 8% of SPs ;

Shibboleth 2.x : 85% of SPs ; 99% of IdPs

OIOSAML: 1 SP

simpleSAMLphp: 1 SP and 1 IdP

ADFS: 1SP

Lasso Library: > 50 SP

Metadata

https://services.renater.fr/federation/en/metadata

--Mlinden@csc.fi 18:12, 24 March 2008 (CET)

--1984588@sac.cru.fr 15:57, 9 February 2010 (UTC)

Federation GRNET (.gr)

Protocol

SAML 1.1 (deprecated), SAML 2.0

OpenID relations

None

Implementations

Shibboleth 2.1

Metadata

http://aai.grnet.gr/metadata.xml

Federation AAI@EduHr (.hr)

Protocol RADIUS + SOAP + SAML (2.0; support for 1.1. to be terminated)
OpenID relations OpenID support tested and maybe added to production upon request (use case should be presented)
Implementations RADIUS + LDAP servers + AOSI SW developed by Srce (current version +2.0) + simpleSAMLphp tool
Metadata kept in central MDS database; published also via mds.edugain.org
--Miro@srce.hr 19 September 2010

Federation NIIF AAI (.hu)

Protocol

SAML 2.0

OpenID relations

Not yet

Implementations
  • IdP: Shibboleth, SimpleSAMLphp
  • SP: Shibboleth, SimpleSAMLphp, OpenSSO (OpenAM)
Metadata

http://metadata.eduid.hu/metadata.xml

--Hege@niif.hu 11:17, 27 May 2010 (UTC)

Federation Edugate (.ie)

Protocol

SAML2 (SAML2 Web SSO Interoperable Profile speciffically)

OpenID relations

There is no Edugate bridge for social IdP's as such the social IdP's as the federation policy effectively excludes it. However, there is no restrictions on bridges being deployed by an SP . HEAnet provides assistance with such deployments which use SSPHP

Implementations

HTTP-POST/HTTP-Redirect

Metadata

https://edugate.heanet.ie/edugate-metadata-signed.xml

Federation IsraGrid Federation (.il)

Template:FederationIsraelProtocol

Federation INFLIBNET Access Management Federation (.in)

Protocol
Which protocol(s) is/are used for federating identities? 
for instance, SAML1.1/Shibboleth, SAML2.0, Liberty ID-FF 1.2
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
What implementation(s) of the protocol is/are used in the IDPs and SPs?
Metadata
Add here the link to your metadata. //link/to/federation/metadata

--Mikael.Linden@csc.fi 07:23, 15 June 2012 (UTC)

Federation IDEM (.it)

Protocol

SAML1.1/Shibboleth, SAML2.0

OpenID relations

No OpenID relation

Implementations

No more IDPs only SAML1
No more IDPs using Microsoft ADFS (SAML2 only)
Majority uses Shibboleth IDP 2.x (SAML2 and SAML1.1) and 5 IDPs use SimpleSAMLphp (SAML2 only)

1 SPs is still using Shibboleth 1.3 (SAML1.1), expecting to upgrade ASAP.
Others use Shibboleth SP 2.1.x or SimpleSAMLphp

All new IdPs and SPs are deploying SAML2 compliant software.

Metadata

https://www.idem.garr.it/docs/conf/signed-metadata.xml
Metadata web page

--Marialaura.mantovani@garr.it 15:19, 27 June 2013 (UTC)

Federation GakuNin (.jp)

Protocol
  • Shibboleth 2.0 (within Japan)
  • Shibboleth 2.0/1.3 (to connect SPs from outside of Japan)
OpenID relations
none
Implementations
  • Shibboleth 2.x in Japan
Metadata

--Takeshi@gakunin.nii.ac.jp 09:59, 16 June 2011 (UTC)

Federation LAIFE (.lv)

Protocol

SAML2.0

OpenID relations

None

Implementations
  • IDPs : Shibboleth, SimpleSAMLphp, - LDAP, Oracle, Mysql, Radius
  • SPs : Shibboleth2, SimpleSAMLphp, SAML2.0 SP applications
Metadata
https://laife.lanet.lv/metadata/laife-metadata.xml

--Martins.Purins@lu.lv 12:00, 12 April 2010

Federation SIFULAN (.my)

Protocol
  • Shibboleth 2.0
OpenID relations
none
Implementations
  • Shibboleth 2.x
Metadata

Federation SURFnet (.nl)

Protocol

Protocols available for federating identities:

  • SAML2.0 (for SPs and IDPs)
OpenID relations

SURFconext does not provide a gateway to OpenID. However, SURFnet is considering to allow OpenID protocol termination on its gateway to facilitate SSO for users from IDPs that desire to provide OpenIDs themselves. No gateway from OpenID is provided towards the federation, although SURFnet as an SP considers using an OpenID gateway for allowing guest access to selected services. Links, notes?

Implementations an integrated combination of custom PHP-based software and PingFederate (5.x) servers is used to provide the protocol handling and conversion functionality
Metadata SURFfederation does real-time federation protocol translation: this allows an IdP or SP to federate using any of the above federation protocols. There is no metadata for A-Select-cross and WS-Fed connections; SAML 2.0 metadata can be found at: http://federatie.surfnet.nl/metadata-sfs-sp-saml20-signed.xml (for IDPs) and http://federatie.surfnet.nl/metadata-sfs-idp-saml20-signed.xml (for SPs)
--Hans 18:42, 25 September 2008 (UTC)

Federation FEIDE (.no)

Protocol SAML2.0
OpenID relations Feide has a pilot service providing an OpenID gateway http://rnd.feide.no/content/technology-preview-feide-openid
Implementations SimpleSAMLphp is the software we base our IdP on

Service providers use multitude of software, including SimpleSAMLphp, Shibboleth, OpenSSO

Metadata

--

--Ingrid.Melve@uninett.no 09:29, 8 July 2010 (UTC)

Federation Tuakiri New Zealand Access Federation (.nz)

Protocol SAML 2.0 with support for SAML 1.0
OpenID relations Support for OpenID is currently unavailable.
Implementations Majority of IdPs and SPs are Shibboleth 2.x
Metadata

https://directory.tuakiri.ac.nz/metadata/tuakiri-metadata-signed.xml

--Dm.dunn@auckland.ac.nz 23:55, 30 July 2013 (UTC)

Federation Polish Identity Federation PIONIER.Id (.pl)

Protocol
Which protocol(s) is/are used for federating identities? 
for instance, SAML1.1/Shibboleth, SAML2.0, Liberty ID-FF 1.2
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
What implementation(s) of the protocol is/are used in the IDPs and SPs?
Metadata
Add here the link to your metadata. //link/to/federation/metadata

--Mikael.Linden@csc.fi 13:55, 15 November 2013 (UTC)

Federation RCTSaai (.pt)

Protocol
Protocol(s) used in the federation (e.g., SAML 2.0, ID-FF 1.2, Shibboleth 1.3, OpenID, WS-*
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
IDP/SP implementations in use e.g. Shibboleth 1.3, Shibboleth 2.1, SimpleSAMLphp, ...
Metadata
Add here the link to your metadata. 

-- --Linden.mikael@rediris.es 10:15, 4 June 2009 (UTC)

FederationSwamid (.se)

Protocol Shibboleth 1.x and SAML 2.0
OpenID relations
 No 
Implementations Shibboleth 1.x and SAML 2.0
* Shibboleth, simpleSaAMLphp and ADFS2

Metadata
http://md.swamid.se/md/swamid-1.0.xml
http://md.swamid.se/md/swamid-2.0.xml (when 2.0 is launched)

FederationArnesAAI (.si)

Protocol

SAML2.0

OpenID relations

OpenID is not supported.

Implementations
  • IdPs - SimpleSAMLphp only
  • SPs - SimpleSAMLphp and Shibboleth
Metadata

Metadata webpage

--alexm@arnes.si 12:41, 8 October 2010 (UTC)

Federation ULAKAAI (.tr)

Protocol
Which protocol(s) is/are used for federating identities? 
for instance, SAML1.1/Shibboleth, SAML2.0, Liberty ID-FF 1.2
OpenID relations
How does the federation relate to OpenID?
Does the federation provide a gateway to OpenID?
Does the federation provide a gateway from OpenID?
Links, notes?
Implementations
What implementation(s) of the protocol is/are used in the IDPs and SPs?
Metadata
Add here the link to your metadata. //link/to/federation/metadata

--Mikael.Linden@csc.fi 09:24, 5 February 2011 (UTC)

FederationUkfed (.uk)

Protocol

Any SAML compliant software can be used. SAML2 and SAML1 supported.

Metadata

http://www.ukfederation.org.uk/content/Documents/OperationalInfo

Federation InCommon (.us)

Protocol SAML
OpenID relations Google Gateway
Implementations Shibboleth, simpleSAMLphp
Metadata http://md.incommon.org/InCommon/InCommon-metadata.xml

Federation IGTF (.int)

Protocol X.509 (PKIX, GFD.125)
OpenID relations

There are no authorities providing IdM services based on OpenID

Implementations OpenSSL, OpenCA, Java, Netscape, Entrust, RedHat, Confusa, GridShibCA
Metadata https://dist.eugridpma.info/distribution/igtf/current/

Federation GrIDP (.int)

Protocol
 SAML 2.0
OpenID relations
 None
Implementations
 Shibboleth and simpleSAML.php
Metadata
 https://gridp.garr.it/metadata/gridp.xml

--Marco Fargetta 16:40, 07 February 2014 (UTC)

Personal tools