Single Sign On

Audience: IT


Bluestem and Shibboleth are two single sign-on authentication methods supported at UIC.


ACCC provides Bluestem protection for websites hosted with and Web servers for protecting files, PHP programs, and CGI scripts. However, you may have data that requires extra-special protection (e.g. financial or medical), or you may want to run a Web application (e.g. database) or write in a language for which these main servers are not adequate.

In such a case, if you are capable of running your own Web server (i.e. physically secure room, maintain security patches, manage user accounts, run backups, install and troubleshoot software, keep, and inspect logs, or use an ACCC Virtual Machine), you can make your web server into a Bluestem or Shibboleth application server. This will allow your web scripts to authenticate users, using their normal UIC NetID and password, in a very secure manner.


Bluestem on people and webhost

Requires the creation of an allowed.NetIDs file in the directory you want to protect.

Bluestem on a custom server

  • You must run an SSL-capable web server. Apache and IIS are fine. And, of course, the web server must be configured to run CGI scripts.
  • You must obtain an SSL certificate.
  • You must be able to maintain your server, providing all the functions that a good system administrator would provide.



There is no charge for this service.


Further Information 

ACCC Service Level Agreement (SLA)

Service Request Fulfillment Time

2-4 business days.

Incident Resolution Time

2-4 business days.

Service Availability 24x7
Maintenance Window(s) Approved ACCC maintenance window(s):
Service Notification Channel(s) ACCC News and Alerts:
REACH distribution email list.
Reviewed to Ensure SLA Meets Business Requirements

Provisional SLA - Currently under IT Governance review.

Date Reviewed

Provisional SLA - Currently under IT Governance review.