What is the RWTH Single Sign-On?
More and more content is provided by the RWTH Aachen University via the web or web applications. The content often is dynamic and only addressed to defined user groups - forums for certain degree courses, online publications or documentation systems. This is why it is necessary for the access control to guarantee an authentication and authorisation of the users.
Shibboleth is a Single Sign-On authentication service. The IT Center operates a central Shibboleth service and a local federation for the user authentication for local web applications. RWTH Aachen University is a member of the federation of the German Research Network (Deutsches Forschungsnetz (DFN AAI)). This makes it possible to use numerous services of other universities that are a member of DFN via the central login server.
As a user you can access a Shibboleth protected application via your RWTH Single Sign-On account.
With the Shibboleth procedure the provider of a web application can use the central login server at the IT Center to authenticate the users.
The central login server has access to selected data from the Identity Management of RWTH Aachen University. Because of this your application can e.g. be informed that the logged in person is a student. On the basis of these personal attributes your application can decide which access rights will be granted (authorization) without having to provide another local user account. The persistent and distinct username provided by the login server enables you to assign a local user profile and store further personal data there.