...
Authentication
Tufts is using ADFS 2.0 Shibboleth to provide a single sign-on experience for users of Box.net cloud storage. We elected to go with ADFS for several reasons:
- ADFS represents a federated authentication service that will represent not only trusting within tufts, but eventually trusting external organizations also tied to the ADFS environment
- ADFS (as opposed to Shibboleth, another federated authentication service Tufts supports) ties directly to active directory. Although Box.net does not currently support OU or Security group mapping in a way that Tufts would leverage, the synergy options in the future to provide storage tied to active directory organizational units is an opportunity we wanted to leave open
By using ADFS
By using Shibboleth, users of the tufts service will be able to continue to use their Tufts Username and Tufts Password to access services that they use most frequently, which will maintain as consistent an experience as possible for our users here at Tufts.
...