California’s community colleges are being urged to upgrade their Shibboleth Identity Provider (IdP) instances immediately to Version 3 to guarantee continued secure access to technologies like Canvas, CCCApply, CCC MyPath and others.
Versions of Shibboleth IdP prior to Version 3 are no longer supported by the Shibboleth Consortium. This could result in security vulnerabilities or even blocked access for colleges using Shibboleth for the California Community Colleges (CCC) Federated Single Sign-On (SSO). The need to transition to Shibboleth IdP Version 3 was first announced to colleges in 2015 but has recently become an urgent priority with the CCC’s Federated SSO initiative in full swing.
SSO is a secure process that allows a user to enter their username and password once in order to access multiple applications without having to sign in separately to each application. Federated SSO allows for single sign-on access to applications across multiple college domains.
For colleges that use Shibboleth as their IdP, Version 3 is required to support secure single sign-on access to systemwide technologies including Canvas, the Course Exchange, CCC MyPath student portal, CCCAssess, and – for college staff – the new CCCApply Administrator that is scheduled to be released in September.
Shibboleth is an open-source IdP solution that was adopted and recommended by the CCC Technology Center. It is believed that the majority of CCC campuses have some version of Shibboleth but have still not upgraded to the latest version.
Colleges using PortalGuard or other identity solutions for single sign-on authentication will need to go through a readiness checklist process to ensure they meet the CCC requirements for student authentication.
Crista Souza is the TechEDge News Editor