Immediate Shibboleth Software Upgrade Urged

California Community Colleges Technology CenterCalifornia’s community colleges are being urged to upgrade their Shibboleth Identity Provider (IdP) instances immediately to Version 3 to guarantee continued secure access to technologies like Canvas, CCCApply, CCC MyPath and others.

Versions of Shibboleth IdP prior to Version 3 are no longer supported by the Shibboleth Consortium. This could result in security vulnerabilities or even blocked access for colleges using Shibboleth for the California Community Colleges (CCC) Federated Single Sign-On (SSO). The need to transition to Shibboleth IdP Version 3 was first announced to colleges in 2015 but has recently become an urgent priority with the CCC’s Federated SSO initiative in full swing.

Upgrades to Shibboleth IdP Version 3 are being paid for centrally by the CCC Chancellor’s Office, and implementation work provided by the CCC Technology Center and Unicon. Colleges are encouraged to get into the upgrade queue as soon as possible to minimize backlog. To schedule your college’s Shibboleth upgrade, contact Unicon’s Dave Lipari at This email address is being protected from spambots. You need JavaScript enabled to view it..

Why Upgrade?

SSO is a secure process that allows a user to enter their username and password once in order to access multiple applications without having to sign in separately to each application. Federated SSO allows for single sign-on access to applications across multiple college domains.

For colleges that use Shibboleth as their IdP, Version 3 is required to support secure single sign-on access to systemwide technologies including Canvas, the Course Exchange, CCC MyPath student portal, CCCAssess, and – for college staff – the new CCCApply Administrator that is scheduled to be released in September.

Shibboleth is an open-source IdP solution that was adopted and recommended by the CCC Technology Center. It is believed that the majority of CCC campuses have some version of Shibboleth but have still not upgraded to the latest version.

Colleges using PortalGuard or other identity solutions for single sign-on authentication will need to go through a readiness checklist process to ensure they meet the CCC requirements for student authentication.

Click the links for more information about upgrading to Shibboleth v3 and an SSO resource guide.


Crista Souza is the TechEDge News Editor


 

Add comment