Shibboleth is not only a kind of linguistic password that
identifies one as a member of an 'in' group, it's also the name of a middleware project of Internet2. The Shibboleth project is developing architectures, policy structures, practical technologies and an open source implementation (also called Shibboleth) to support inter-institutional sharing of (web) resources subject to access controls.
Some key concepts of Shibboleth are:
Access Control Based on Attributes
Active Management of Privacy
Framework for Multiple, Scaleable Trust and Policy Sets (Federations)
Standard Attribute Value Vocabulary
Using Moodle with Shibboleth authentication has the following advantages (depending on the Shibboleth federation you are part of):
Access to Moodle can be restricted very accurate (e.g. you allow only students from universities A, B and D to access your Moodle, but not students from universities C and E. Or you allow only medicine students.)
User accounts are created automatically as soon as a user logs in the first time.
The user profiles are set up automatically (e.g. the users firstname, surname and email address is inserted the first time a user logs in)
The user profiles can automatically kept up-to date all the time
So you don't have to care anymore for user management issues because this is basically handled by the Identity Provider of the Shibboleth user (e.g. the home university).
Once Shibboleth users are authenticated, they can access other Shibboleth-enabled resources without loggin in another time. Due to this single sign-on mechanism, they e.g. can jump from one Moodle installation to another or the can access a Shibboleth-protected library or a web shop, always being authenticated.
Plans for the future concerning Moodle:
Automatic course enrollment according to Shibboleth attributes.