Web login – simple and secure
At ETH Zurich, „uApprove“, a new Shibboleth version, is used to log in.
In the past, you already had to provide a username and password to access various applications at ETH Zurich, such as eDoz, myStudies and blogs.ethz.ch. This procedure has remained the same from the outside, but the login screen and the technology in the background have changed.
Reason for the change
IT Services have renewed the Shibboleth and LDAP infrastructure at ETH Zurich: with regard to the Shibboleth infrastructure, the new uApprove module has been implemented, among other things. uApprove increases transparency. ETH users who are logging in will now see which attributes of the application are passed on. Furthermore, the new version is a prerequisite for registering with eduGAIN Interfederation (Wikipedia eduGAIN) at ETH Zurich. After logging in, the login and confirmation no longer need to be entered again for each application. At ETH Zurich, the following areas and services use Shibboleth: IT Services, the ETH library, LET; Digitec and Brack (for replacements and orders at ETH Zurich).
More information and transparency with „uApprove“
- ETH users must read and accept the „Terms and Conditions“ (once only)
- Users receive more information about the application
- Users see which attributes the application will receive and can cancel the login (if they do not agree with them)
- „uApprove“ is the prerequisite for registering with „eduGAIN Interfederation“ at ETH Zurich
nethz — authentication and authorisation at ETH
„nethz“ refers to the central authentication and authorisation infrastructure at ETH, which governs access to basic IT services at ETH: access to the ETH network via VPN or wireless LAN, email, central storage space on the NAS and access to the computers in the public computer rooms for students. An increasing number of electronic services of ETH require the „nethz password“ and check the access permissions in the nethz database.
During authentication, the identity of the person logging in is checked and their credentials (e.g. user name and password) are verified. If user authentication was successful, the system provides authorisation. Authorisation is a technical process, which enables the person to carry out specific actions.
AAI and SWITCH
AAI stands for Authentication and Authorization Infrastructure. This infrastructure simplifies access to web resources within the Swiss university community. In the past, university employees and students needed additional digital identities for other universities, but now they only need one. The AAI login (referred to as the nethz login at ETH) is also your passepartout for nearly all web resources, which Swiss universities and associated organisations make available to their users. The persons responsible for the web resources decide which web resources can be accessed by which identities.
- SWITCHaai: the academic passepartout
- SWITCH FAQ
- SWITCHaai Interfederation and eduGAIN
More in the ITS Blog
- New Design for Login Page (ITS Blog)
- Single sign-on / SWITCHaai / Shibboleth (ITS Blog)
- Single sign-on at ETH (ITS Blog)
Please contact the ITS Service Desk if you have any questions.
(External translation service)