Although there has been some success in enabling Shibboleth authentication to core Library components, the Library's administrave staff are still typically constrained to using a local account to authenticate to the system. As a large number of the applications that any campus user will access are Shibboleth enabled there is a strong desire to extend the Single-Sign-On functionality to all aspects of the system. As customers we do desire support form the vendors that will enable the Library administrative staff to authentcate to various crtical systems via Shibboleth.
Systems supporting Shibboleth authentication for specially privileged users SHOULD provide customers with the ability to require a rich set of SAML assertions as part of the authentication requirements. For example, some customers might want to require a specific LOA assertion for administrative functions, in addition to a username. Other customers may want to create rules based on the value of the initial authentication mechanism used.
The following vendors support this:
The following vendors do not currently support this: