So i've spent all morning researching this question to no avail. I am working on a project intended for college students and I want them to use their college credentials to login. According to my colleges website, they use Shibboleth (not really clear what that is).
http://wp.stolaf.edu/it/shibboleth/
But, when I try to sign in, I am redirected to a Google login (maybe because my schools has a google apps account?).
I am confused how Shibboleth and Google are mixed in this scenario. How do I go about authenticating my users against their school credentials in this scenario?
Thanks!
As the organization appears to support federation via Shibboleth, you should ignore the Google component which you are seeing.
You will need to firstly support SAML 2.0 (most likely) and have your project act as a Service Provider. Shibboleth will produce a signed SAML assertion which will contain identifiable user information that you can validate. When validation has occurred you can then establish a session on your application as the identified user.
To get to that point you will need to work with the college to exchange something called metadata, which determines how your messages should look like. It's unlikely you will be able to get this going without someone from the college working with you.