UK Access Management Federation
for Education and Research
The UK federation is operated by Jisc and provides a single solution to accessing online resources and services for education and research. Here is some information on how it works and its benefits.
Eligible organisations are invited to join the current membership.
Latest news
Shibboleth SP 3.0.4.1 Update for Windows
Posted on Tuesday, 26 March 2019
There's been a service update [1][2] to the SP installers for Windows labeled V3.0.4.1 to make a fix for the bug where a non-default handlerURL fails with the IIS 7 module [3]. To be clear: this only affects your Shibboleth SP deployment if you are running Windows AND IIS 7 AND have set handlerURL in the ApplicationDefaults or ApplicationOverride elements.
This is the only change in the packages, so is only relevant for IIS 7+ deployments. This is an atypical release process that would normally be done as a full patch, but that would delay the fix for an indeterminate period and the bug has been causing a lot of problems and traffic on the Shibboleth Users list, so it was the most expedient solution.
[1] http://shibboleth.net/downloads/service-provider/3.0.4/win32/
[2] http://shibboleth.net/downloads/service-provider/3.0.4/win64/
[3] https://issues.shibboleth.net/jira/browse/SSPCPP-856
Shibboleth Service Provider 3.0.4 now available
Posted on Wednesday, 13 March 2019
The Shibboleth Project has released V3.0.4 of the Service Provider, a patch release, along with patch releases of the xmltooling (V3.0.4) and opensaml (V3.0.1) libraries. This is a bug fix release, and also addresses a denial of service vulnerability. The UK federation recommends that you upgrade to this version.
Please see the Shibboleth SP Release Notes and the three emails in shibboleth-announce for more information.