...
Authentication
Tufts is using ADFS 2.0 Shibboleth to provide a single sign-on experience for users of Box.net cloud storage. We elected to go with ADFS for several reasons:
- ADFS represents a federated authentication service that will represent not only trusting within tufts, but eventually trusting external organizations also tied to the ADFS environment
- ADFS (as opposed to Shibboleth, another federated authentication service Tufts supports) ties directly to active directory. Although Box.net does not currently support OU or Security group mapping in a way that Tufts would leverage, the synergy options in the future to provide storage tied to active directory organizational units is an opportunity we wanted to leave open
By using ADFS
By using Shibboleth, users of the tufts service will be able to continue to use their Tufts Username and Tufts Password to access services that they use most frequently, which will maintain as consistent an experience as possible for our users here at Tufts.
Alternative Login
Some third party applications that use Box might not allow for SSO logins. To get around this, a user must create an additional password on their account.
This can be done by having the user browse to their Account Settings and select the Change Password link under the Authentication section. This will create an additional password for the user to login using their Tufts email and this additional password.
Access & Account Creation
...