What Is Shibboleth?
Shibboleth is an open source product that enables an organisation-spanning (federated) authentication and authorisation for web applications. Thus, Shibboleth is an essential component of Federated Identity & Access Management and is primarily used in federations of universities, research institutes, authorities and large companies.
Shibboleth consists of two main components. The Identity Provider (IdP) authenticates users, while the Service Provider (SP) controls access to protected resources. Based on the standard SAML (Security Assertion Markup Language), Shibboleth enables Single Sign-On (SSO), i.e. a user has to authenticate him- or herself only once in order to access multiple services within the federation.
The open source project was originally developed by the US-American university consortium Internet2. Now the Shibboleth Consortium is responsible for its further development.