Authentication and single sign-on¶

Systems we may be able to make use of

• Shibboleth -- federated authentication with some additional user metadata. The QM library has recently switched to this (from Athens) for e-resource access, see http://www.library.qmul.ac.uk/node/1647. Talk to Jez Clark (librarian); also Martin Evans (http://webspace.qmul.ac.uk/mdtevans/) who runs existing central QM Subversion server etc.

• RADIUS -- hierarchical authentication system used by Eduroam. Does not appear to be available for Redmine auth (http://www.redmine.org/issues/940#change-2060)

• OpenID -- replaces stored password on site. Provides no additional information that could be used for authorisation purposes.