UK Access Management Federation
for Education and Research
The UK federation is operated by Jisc and provides a single solution to accessing online resources and services for education and research. Here is some information on how it works and its benefits.
Eligible organisations are invited to join the current membership.
Latest news
Shibboleth Service Provider 3.0.3 now available
Posted on Tuesday, 5 February 2019
A third patch release of the Service Provider software is available which corrects a denial of service vulnerability. Please see The Release Notes for more information. The UK federation recommends that you upgrade to this version.
If you are using Red Hat and compatible systems, you can "yum update" to the latest version. Alternatively, you can find the latest versions in all formats on the shibboleth.net website.
The Windows installers include some other library updates, including OpenSSL 1.1.1a, which includes TLS 1.3 support for the first time.
Version 1.2.1 of Shibboleth Embedded Discovery Service now available
Posted on Friday, 1 February 2019
The Shibboleth Project has released a bugfix (version 1.2.1) of the Embedded Discovery Service. This is a bug fix that prevents new installations of the EDS from acting as an open redirector. Existing systems will continue to function as one until locked down, but the presence of the new setting will prevent this behaviour.
If your Service Provider uses this product, we recommend that you upgrade to the new bugfix version.
Please read the EDS Release Notes for more information.