Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Included Heartbleed Message / Formatting

Password Management

The exciting news is that the Kantara Initiative IT tools are SSO deployed! We use a combination of Shibboleth through a SimpleSAMLphp gateway.  All of our user accounts are registered and managed through specified Identiy Providers (IdPs).  As the IDs and Passwords are stored with each Identity Provider we do not manage user account adminstration through confluence.  IMPORTANT:  To change or retrieve a lost password each user will need to login to the Identity Provider where their user account is registered.  Current IdPs supported include ProtectNetwork, Kantara Initiative and OpenID


. The OpenID Deployment is still in experimental phase as the harmonization around such a Multi-Protocol solution develops.


IMPORTANT: To fully logout a user should quit their browser session fully.
We are aware of a known issue regarding the Shibboleth extentions in use with Confluence


. We apologize for this inconvinence and wil continue to track the issue with the developers involved.

"Logout may not work properly. A workaround is to alter the logout page to indicate that the user must completely close the browser application to logout."


- source

IMPORTANT: To fully logout a user should quit their browser session fully. 


Heartbleed / Open SSL

Information has been released about a new OpenSSL vulnerability (CVE-2014-0160) and we were using an affected version of OpenSSL until April 10, 2014, 10 AM PT.  We have updated our servers now to the latest version of OpenSSL that includes a patch for the vulnerability, revoked the old SSL keys/certificates, and reissued new SSL certificates. 

We recommend changing your account password, now - if you have an account on our the Kantara Initiative IdP (for example if you log in the Kantara Initiative wiki using the selection "Kantara Initiative IdP ..."). To change your password please go to: is highly recommended to have SSL certificate validity checks (CRL and/or OCSP) enabled in your Web browsers.
If you have any questions about this incident, please do not hesitate to contact us at staff at