UK Access Management Federation
for Education and Research
The UK federation is operated by Jisc and provides a single solution to accessing online resources and services for education and research. Here is some information on how it works and its benefits.
Eligible organisations are invited to join the current membership.
Latest news
End of life for Shibboleth IdP v3 and IdP v4 upgrade guide
Posted on Friday, 2 October 2020
In March 2020, the Shibboleth IdP v4 was released, at the same time the Shibboleth IdP v3 end of life was announced, which will be the 31st December 2020.
The Trust and Identity team at Jisc supporting the UK federation have now made available an IdP v4 upgrade guide
Shibboleth Service Provider Security Advisory 31st August 2020
Posted on Tuesday, 1 September 2020
A security advisory [1] has been released for the Shibboleth Service Provider involving deployments running on Windows and using the "modern" module for Microsoft IIS V7+. This module contains a flaw that can be triggered remotely, resulting in a potential denial of service condition exploitable by an unauthenticated attacker. Also, a service patch for the Windows distribution of the Service Provider software is now available [2]. This update contains a fix for a bug [3] in the IIS module. Other important information can be found in the release notes which should be reviewed when upgrading [4].