ࡱ>   !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~Root EntrydO)PowerPoint Document(/SummaryInformation(DocumentSummaryInformation8h( / 00DTimes New Roman<$ 0< 04DArialNew Roman<$ 0< 04 DWingdingsRoman<$ 0< 040DArial Blackman<$ 0< 04" C0.  @n?" dd@  @@``  <2 5U*+K,b.< 0AA >vD'Dͺ=iR@8%&w ʚ;ʚ;g4fdfdT 0ppp@ <4ddddqt 0<4BdBdqt 080___PPT10 ? ,O  =Shibboleth Protocol WalkthroughaBy Kathryn Huxtable, based on some presentations at the Internet2 Shibboleth CAMP August 23, 2004bPb(  )  P^V>Shibboleth Protocol Walkthrough ` fff33` 3KI3ff` 33ff` /p` 3%*3|` Jy3fff3f` 3ff3̙` 33ff33` DDyq3f` ̙3n` w3ff` }ff>?" dd@,?nKd@ P nA@F`d n?" dd@   @@``PR"   @ ` `2p>>   Z (    6l޲ #" ``   J* 0    6 #" `` `  J* 0  XT X  "X  Nd#" `P *   6d#" `U (   S ,"UY 6"0   c $ "YW 6"0    c $"YU 6"0    c $" 6"0    S #" `SV (    S Dk"Y 6"0    c $k"X 6"0   <k #" `  ` k T Click to edit Master title style! !$  00 k " `p k RClick to edit Master text styles Second level Third level Fourth level Fifth level!     S  6 #" `^ ` k H*0  H  0޽h ? }ff___PPT10i. 07+D=' = @B +  Pixel   7 /  (  T   "  T̛qd #"   *   c $PMk "9)e  ( 2b e  # "e   S ̠q"ie  (   S q"9) (   S 0q"0 (    S q"?e  (    S q") (    S q"?G (    S 4q"oG (    S q"9G (   S Ĺq"iA (   S q"A? (   6`q #" `` ` q H*0    6(q #" ``  q J* 0    0q "P   q T Click to edit Master title style! !  0$q " P  q W#Click to edit Master subtitle style$ $H  0޽h ? }ff___PPT10i. 07+D=' = @B +0 zr (    0D P    P*    00I     R*  d  c $ ?    0L  0  RClick to edit Master text styles Second level Third level Fourth level Fifth level!     S  64Q _P   P*    6V _   R*  H  0޽h ? 3380___PPT10.:i  0(  x  c $,qP   q x  c $q P  q H  0޽h ? ̙33___PPT10i.y@n+D=' = @B +:  992a'7(  N  s 3s)h)h?4Q`ԔX s?"<?@@`NNN?N] PIdentity Provider Web SiteH  c <8s)h)h?fԔX s?"<?@@`NNN?NY( PResource Provider Web Site  <vԔX s?"<?@@`NNN?N 7  =User DB @"  s Hs)h)h?Gh#UԔX s?"<?@@`NNN?NxQ  B Web Resource   H  c Ms)h)h?%9CԔX s?"<?@@`NNN?N:   PAttribute Requester (SHAR) F"  s Ps)h)h?Gh#%9CԔX s?"<?@@`NNN?N   HHandle Server (HS) L"  s DRs)h)h?Gh#%9CԔX s?"<?@@`NNN?N A  NAttribute Authority (AA) 8" 8 s Zs)h)h?Gh#%9CԔX s?"<?@@`NNN?N   :WAYF R   )h)hGHI8cԔX s?"0@NNN?N  0@ S ~)h)h?jJԔX s?"6?@@NNN?N ?B  1 S ~)h)h?jJԔX s?"6?@@NNN?N{   2@ S ~)h)h?jJԔX s?"6?@@NNN?N  C : c xTs)h)h?UԔX s?"<?@@`NNN?N rX  KResource Manager (RM) b ;  Z)h)hG+HI8cԔX s?"0@NNN?NvO  <  )h)hG0*HI>8cԔX s?"0@NNN?Nz   = c )h)h?8cԔX s?"6?@@NNN?N    > c )h)h?8cԔX s?"6?@@NNN?N   ?  )h)hG0*HCI(8cԔX s?"0@NNN?Nz  { b @@  Z)h)hG+H:zI8cԔX s?"0@NNN?NM 5 R A@  )h)hGHI8cԔX s?"0@NNN?N  '"  3 rhcs)h)h?DԔX s?"<`?@`NNN?N= A Credentials   b B  Z)h)h?GxHI8cԔX s?"6?@@NNN?N v  C c )h)h?8cԔX s?"6?@@NNN?N :  D c )h)h?8cԔX s?"6?@@NNN?N] b  E@ c )h)h?8cԔX s?"6?@@NNN?N   F c )h)h?8cԔX s?"6?@@NNN?N  R G  )h)hG4HbI48cԔX s?"0@NNN?N  &"  3 ris)h)h?>vԔX s?"<`?@`NNN?N 4 k  @ Attributes   &" H 3 r|ks)h)h?>vԔX s?"<`?@`NNN?N T  @ Attributes   "" I 3 r qs)h)h?4Q`ԔX s?"<`?@`NNN?N , `  <Handle "" J 3 r|ts)h)h?4Q`ԔX s?"<`?@`NNN?NA q  <Handle "" K 3 rws)h)h?4Q`ԔX s?"<`?@`NNN?N   <Handle '2  S ~4{s)h)hԔX s?"6@`NNN?Nf E ;1 '2 L S ~(s)h)hԔX s?"6@`NNN?N3 E  ;2 '2 M S ~Ds)h)hԔX s?"6@`NNN?N\ `  ;3 (2 N S ~s)h)hԔX s?"6@`NNN?NH  <4a (2 O S ~s)h)hԔX s?"6@`NNN?N6   <4b '2 P S ~s)h)hԔX s?"6@`NNN?Ne\ ;5 (2 R S ~s)h)hԔX s?"6@`NNN?Nl  <6a (2 S S ~Ԏs)h)hԔX s?"6@`NNN?N l e  <6b '2 T S ~s)h)hԔX s?"6@`NNN?N <  ;7 (2 U S ~Ps)h)hԔX s?"6@`NNN?N 4 O  <8a (2 V S ~ls)h)hԔX s?"6@`NNN?Na i  <6c (2 W S ~s)h)hԔX s?"6@`NNN?NI   <8b (2 X S ~s)h)hԔX s?"6@`NNN?Ns <9b (2 a S ~s)h)hԔX s?"6@`NNN?N/ .  <9a H  0޽h ?  0 1 29;98<=>8 ?@ A 9BC D!E": F# :G }ff___PPT10i.m`&+D=' = @B +  SS;;aP(  N  s HSk)h)h?4Q`ԔX s?"<?@@`NNN?N] PIdentity Provider Web SiteH  c Wk)h)h?fԔX s?"<?@@`NNN?NY( PResource Provider Web Site  <[k "`  `/ +The Shibboleth Protocol@2  c ]k)h)h?DԔX s?"<?@@`NNN?N  HClient Web Browser   s jk?GB'HQfVԔX s?"<`?@`NNN?N_ ,$@0 o1. User requests resourceii::  c Plk)h)h?%9CԔX s?"<?@@`NNN?N  ,$D0 V Assertion Consumer Service (ACS)!!   s ok?G]H5fVԔX s?"<`?@`NNN?N X ?,$@0 x2. I don t know you, or where you re from. Redirect to WAYF==ii::cb  S ~,zk)h)h?G >vԔX s?"<?@@`NNN?N 7 ,$@0 =User DB @"  s h~k)h)h?Gh#UԔX s?"<?@@`NNN?NxQ  B Web Resource   |  c pk)h)h?%9CԔX s?"<?@@`NNN?N:  ,$D 0 PAttribute Requester (SHAR) F"  s ,k)h)h?Gh#%9CԔX s?"<?@@`NNN?N   HHandle Server (HS) "  s k)h)h?Gh#%9CԔX s?"<?@@`NNN?N A ,$D%0 NAttribute Authority (AA) 8"  s 8k)h)h?Gh#%9CԔX s?"<?@@`NNN?N   :WAYF   s k?GH[fVԔX s?"<`?@`NNN?N,$@ 0 u3. Tell me, where are you from?  ii::*R   )h)hGHI8cԔX s?"0@NNN?N ,$@20 @ S ~)h)h?jJԔX s?"6?@@NNN?N ?B ,$@(0  S ~)h)h?jJԔX s?"6?@@NNN?N{  ,$@0 @ S ~)h)h?jJԔX s?"6?@@NNN?N  ,$@'0C  c k)h)h?UԔX s?"<?@@`NNN?N rX  KResource Manager (RM) *b   Z)h)hG+HI8cԔX s?"0@NNN?NvO ,$@0$   )h)hG0*HI>8cԔX s?"0@NNN?Nz  ,$@0  c )h)h?8cԔX s?"6?@@NNN?N   ,$@ 0  c )h)h?8cԔX s?"6?@@NNN?N  ,$@ 0$   )h)hG0*HCI(8cԔX s?"0@NNN?Nz  { ,$@0  s ةk?GMHfVԔX s?"<`?@`NNN?N9A,$@0 .4. Redirect to handle server for your home org//ii::*b @  Z)h)hG+H:zI8cԔX s?"0@NNN?NM 5 ,$@0"  s vԔX s?"<`?@`NNN?N 4 k ,$@+0 @ Attributes   Z" & 3 rk)h)h?>vԔX s?"<`?@`NNN?N T ,$D.0 @ Attributes   V" ' 3 rk)h)h?4Q`ԔX s?"<`?@`NNN?N , ` ,$@0 <Handle V" ( 3 rlk)h)h?4Q`ԔX s?"<`?@`NNN?NA q ,$@0 <Handle V" ) 3 rDk)h)h?4Q`ԔX s?"<`?@`NNN?N  ,$@$0 <Handle [2 * S ~k)h)hԔX s?"6@`NNN?Nf E,$@0 ;1 [2 + S ~lk)h)hԔX s?"6@`NNN?N3 E ,$D0 ;2 [2 , S ~ k)h)hԔX s?"6@`NNN?N\ ` ,$D 0 ;3 \2 - S ~,k)h)hԔX s?"6@`NNN?NH ,$@ 0 <4a \2 . S ~k)h)hԔX s?"6@`NNN?N6  ,$D0 <4b [2 / S ~k)h)hԔX s?"6@`NNN?Ne\,$D0 ;5 \2 0 S ~k)h)hԔX s?"6@`NNN?Nl ,$@0 <6a \2 1 S ~k)h)hԔX s?"6@`NNN?N l e ,$@0 <6b [2 2 S ~k)h)hԔX s?"6@`NNN?N < ,$@#0 ;7 \2 3 S ~lk)h)hԔX s?"6@`NNN?N 4 O ,$@*0 <8a \2 4 S ~\k)h)hԔX s?"6@`NNN?Na i ,$@0 <6c \2 5 S ~ k)h)hԔX s?"6@`NNN?NI  ,$@-0 <8b \2 6 S ~k)h)hԔX s?"6@`NNN?Ns,$D30 <9b  7 s q?G H|fVԔX s?"<`?@`NNN?N7,$@0 z6. I know you now. Redirect to resource s ACS, with a handle.>>ii:: 8 s q?GH fVԔX s?"<`?@`NNN?N ?,$@!0 x7. I don t know your attributes. Ask the attribute authority==ii:: 9 s q?G+HfVԔX s?"<`?@`NNN?N~ (,$@&0 <8. Return the attributes the user has allowed to be released==ii:: : s q?G HfVԔX s?"<`?@`NNN?NM{l,$@/0 69. Based on attribute values, allow access to resource77ii::\2 ; S ~&q)h)hԔX s?"6@`NNN?N/ . ,$@10 <9a H  0޽h ?          !" # $789: }ff]]___PPT10].m`&+hD;V' = @B DU' = @BA?%,( < +O%,( < +D' =%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<**%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(Df' =%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*+%(Df' =%(D' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*,%(D' =%(D3' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*-%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*.%(D' =%(D3' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<* %(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*/%(D' =%(D' =%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*0%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*1%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*'%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*7%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<* %(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*4%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*(%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<* %(D' =%(D@' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*8%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*!%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*2%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*)%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<* %(D' =%(D}' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*9%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*"%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*3%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*%%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*$%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*5%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*&%(D' =%(D3' =%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*:%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*#%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*;%(D' =4@BBBB%(D' =1:Bvisible*o3>+B#style.visibility<*%(D' =A@BBBB0B%(D' =1:Bvisible*o3>+B#style.visibility<*6%(+8+0+q ++0+q ++0+q ++0+ q ++0+ q ++0+ q ++0+q ++0+q ++0+q ++0+q ++0+%q ++0+&q ++0+'q ++0+(q ++0+)q ++0+*q ++0++q ++0+,q ++0+-q ++0+.q ++0+/q ++0+0q ++0+1q ++0+2q ++0+3q ++0+4q ++0+5q ++0+6q ++0+7q ++0+8q ++0+9q ++0+:q ++0+;q +r0,&% ( s/#j )r ՜.+,08    On-screen Shown-s/]  Times New RomanArial Wingdings Arial BlackPixel Shibboleth Protocol WalkthroughSlide 2Slide 3 Shibboleth Protocol Walkthrough  Fonts Oh+'0x hp    PowerPoint PresentationowePixeloiKathryn Huxtabletat81hMicrosoft PowerPointon@E@@ ^uGP;  4  i-- @ !i--'--- @ !h---- @ !h ---- @ !h---- @ !h #---- @ !h,---- @ !h2---- @ !h8---- @ !h=---- @ !hA---- @ !hF---- @ !hK---- @ !hO---- @ !hT---- @ !hW---- @ !h\---- @ !h`---- @ !hf---- @ !hi---- @ !hn---- @ !ht---- @ !hz---- @ !h---- @ !h ---- @ !h---- @ !h---- @ !h---'}-- @ !XZ--'-- @ !!--'-- @ !"XZ--'-- @ !!8w--'}-- @ !!;--'-- @ !"Xw--'-- @ !!z;--'}-- @ !!z--'-- @ !!zZ--'-- @ !"--'-- @ !";--'@Arial-. %2 Shibboleth Protocol      . "System-@Arial-. 2 Walkthrough"  .-@Arial-. 42 By Kathryn Huxtable, based on         .-@Arial-. .2 some presentations at the        .-@Arial-. -2 Internet2 Shibboleth CAMP           .-@Arial-. 2 0August 23, 2004   .-UsedDesign Template Slide Titles Custom Shows(_ Kathryn HuxtableKathryn HuxtableCurrent User P