This page provides status updates on the progress of the Shibboleth Enhancements RFP released in spring of 2013, based on the requirements described in Assurance Enhancements for the Shibboleth Identity Provider. The enhancements will enable a Shibboleth IdP to support the InCommon Assurance Program's multiple assurance profiles, as well as other authentication contexts that may be defined by IdPOs and their partners.

Status as of February 12, 2014

The code is complete! We're currently polishing off some documentation before an announcement.  See Multi-Context Broker for a draft of that documentation, including information on where you can download the code.

Status as of October 14, 2013

Acceptance testing is in progress.  For those interested in seeing the code and/or trying it out, please see the Multi-Context Broker wiki page at for installation instructions.  If you find any issues, please report them at

Status as of September 3, 2013

  • The implementation is moving along well; the following are complete:
    • Login handler.
    • Interface for authentication submodules.
    • Presentation of the default / initial authentication method, when configured.
    • Very basic Velocity templates for the user interface. Templates patterned after other default templates in the Shibboleth distribution will follow.
  • The logic for displaying authentication methods that meet the SP's requirements, the user's certifications, and the IdP's configured hierarchy of authentication contexts should be complete in about a week.
  • Testing by the three designated campuses is expected to begin in 1-2 weeks. The improved Velocity templates may not be available initially.

Status as of August 12, 2013

Status as of August 6, 2013

  • Paul Hethmon was selected by the RFP process to implement the enhancements.
  • The three campuses that will perform acceptance testing have been identified.  They are represented by David Langenberg of the University of Chicago, Warren Curry and Martin Smith of the University of Florida, and Steven Carmody of Brown University.  These people are also acting as an early sounding board for design decisions.
  • Paul is completing a first draft of the design documents over the next week or two for public review.  The configuration files (which include specification of the IdP's supported authentication contexts and authentication methods) have already been reviewed internally.
  • No labels