This topic has been covered by many people and you can find some good stuff regarding it on the web. I and a few of my colleagues worked on identity and access management solutions especially Shibboleth during our studies, each time we thought to write it down somewhere for future use but laziness on my side. I had a chance to work around it again and thought to write down the steps to set up a basic Shibboleth structure for an organization.
For those who are not familiar with the concept here is a brief summary. Single Sign-On (SSO) is an authentication process that allow users to log in once and be authenticated to all the network resources they are granted permission to access. It ease the burden of remembering multiple passwords for different applications by eliminating further prompts for username/passwords while shifting from one resource to another for a particular session.
Shibboleth is a free open source implementation for identity management, providing a web-based single sign-on mechanism across different organizational boundaries. In a simple scenario, a client access a resource which is protected by Shibboleth service provider (SP), the client is authenticated by her home identity provider (IdP) and is redirected to the SP to access the particular resource. The SP may apply further access control mechanisms to restrict access to the resource. This way, information about a user is sent from a home identity provider to a service provider which prepares the information for protection of sensitive content and use by applications. If you are not familiar with Shibboleth and how it works, you may be benefited from the Shibboleth home page.
In this tutorial we will cover installation of the IdP first and then we will perform the necessary configuration to customize the IdP for an organization. Afterwords, we will install and configure the shibboleth SP and will setup a basic scenario to protect a resource. This is just a summary of our new tutorial, you can continue to read the full tutorial at our main blog (CSRDU blog) at Shibboleth IdP and SP Installation and Configuration.