When you start using Sitecore as an intranet you inevitably must face the identity management scenario: where are the users who are visiting the intranet going to be stored?

In most established organizations, a centralized identity management system is already in place. For a recent project, I came across the need to get Sitecore to act as a Shibboleth Service Provider and perform Single Sign-on (SSO) with a Shibboleth Identity Provider.

Shibboleth itself handles most of the heavy lifting, but there are some steps to force Sitecore to get out of Shibboleth’s way. Also, once you actually authenticate to Shibboleth you still need to authenticate to Sitecore with the header details you receive.

Enter the Shibboleth Login module, now available for download on my GitHub repository: https://github.com/jst-cyr/SitecoreShibbolethLogin

The module will get inject a pipeline handler to read the headers from Shibboleth and log in a virtual user for you with the information from the identity provider.

This has been tested against Sitecore 8.2 update 2, but I’m fairly certain that the API calls I made should work across other 8.x versions. Let me know if you find a problem getting it set up!