If you access web content that is protected by Shibboleth, you will notice that Shibboleth uses different URLs and has a different appearance than Pubcookie. This page has information to help you verify the authenticity of the web pages presented by the Shibboleth service.
Shibboleth login process
If you haven't already authenticated, there is a two-step authentication process for accessing Shibboleth-protected pages served by www.cs.cmu.edu and other web servers that allow Shibboleth authentication with either an Andrew or a SCS account.
Important: the URL for all Shibboleth login pages must begin with "https:".
Step 1: You will be presented with a page asking you to choose an Identity Provider (i. e. whether you want to use your Andrew account or SCS account to authenticate). That page is located at: https://cs.login.cmu.edu.
- Choose "Carnegie Mellon University" if you want to authenticate using your Andrew account.
- Choose "Carnegie Mellon University School of Computer Science" if you want to authenticate using your SCS account.
Example screenshot of this page (the text in the URL after "entityID" will vary depending on the site you are accessing):
Step 2: Once you have chosen an Identity Provider, you will taken to the login page for that provider.
The SCS account login page is located at: https://cs.login.cmu.edu. Screenshot:
The Andrew account login page is located at: https://login.cmu.edu. Screenshot:
Once you have authenticated to the Shibboleth service, you should be redirected to the protected web page you wanted to access.