AAI-protected demo areas

Access to areas of the web site is controlled by AAI, using the open source Shibboleth Service Provider software developed by the Shibboleth Consortium. This demo resource is part of the AAI Test Federation, not the production SWITCHaai Federation.

Some information about the authenticated user gets transferred to the resource, so that it can decide on authorizing access for that user and for knowing with whom the resource is communicating.

This resource holds following areas for demonstration purposes:

Scenario Description Valid users Invalid users
Demo Portal Shows a very simple portal application,
where logged-in users get customized content.
demouser:demo
demostudent:demo
all unauthenticated users
Any authenticated user
Home Organization choice by Discovery Service
Any properly authenticated user gets access. demouser:demo
demostudent:demo
all unauthenticated users
Any authenticated user Any properly authenticated user gets access. demouser:demo
demostudent:demo
all unauthenticated users
Any student All users with an affiliation "student" are authorized to access it. demouser2:demo
demostudent:demo
demouser:demo
demostaff:demo
Staff from aai-demo-idp.switch.ch All users with an affiliation "staff" and
home organization "aai-demo-idp.switch.ch" are authorized to access it.
demostaff:demo demostudent:demo
An explicit user Only "demouser2" is authorized to access it. demouser2:demo all others
Lazy session Authentication is optional,
but the application can enforce user authentication when it is needed.
all users -
Re-authentication enforcement Application enforce Re-authentication of the user at the IdP,
although the IdP session is still valid.
demouser:demo
demo[1..50]:demo
all unauthenticated users
Passive authentication enforcement Application enforce a passive authentication of the user at the IdP,
means disallowing any user interaction on the IdP side.
all authenticated users all unauthenticated users

Changing the Account
Prior to changing from one user account to another please quit and relaunch the browser in order to remove all session cookies.

Information provided by this Service Provider

Status Metadata Session Shibboleth environment Current config Clear

 

Live Shibboleth SP daemon log