SP (Service Provider) is the Shibboleth term for an application server that has been integrated with Shibboleth (and hence MIT Touchstone). An SP communicates with a Shibboleth IdP to determine whether a user has authenticated and to obtain information about the user. The information obtained from the identity provider may be used to make authorization decisions.
A user's password is never sent to an SP. The Shibboleth system uses HTTP redirects extensively, and the user interacts with the IdP to perform initial authentication. Hence, the systems management of the SP presents little risk to an enterprise's passwords. However, the systems management of the IdP entails risks similar to those of managing a Kerberos KDC or an Active Directory Domain Controller.
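
The authorization step described above can be sketched as follows. This is an added example, not code from the original page or from MIT Touchstone. It assumes the SP hands attributes to the application as request environment variables under the names used in Shibboleth's stock attribute-map.xml (`eppn`, `affiliation`) together with `Shib-Identity-Provider`; the entityID, the allowed affiliations and the sample requests are constructed placeholders.

```python
"""Authorization decision over attributes supplied by a Shibboleth SP."""
import re

# Assumptions: placeholder IdP entityID and policy, not values from the page.
TRUSTED_IDP = "https://idp.example.edu/shibboleth"
ALLOWED_AFFILIATIONS = {"staff@example.edu", "faculty@example.edu"}


def split_values(raw):
    """Split a multi-valued SP attribute: ';' separates values, '\\;' is a literal ';'."""
    if not raw:
        return []
    parts = re.split(r"(?<!\\);", raw)
    return [p.replace("\\;", ";") for p in parts if p]


def authorize(environ):
    """Return (allowed, detail). Denies by default when anything is missing.

    `environ` must be the request environment populated by the SP, never
    values copied from client-controlled request headers.
    """
    if environ.get("Shib-Identity-Provider") != TRUSTED_IDP:
        return False, "no session from the expected IdP"
    eppn = split_values(environ.get("eppn"))
    if len(eppn) != 1:
        return False, "missing or ambiguous eppn"
    affiliations = {a.lower() for a in split_values(environ.get("affiliation"))}
    if not affiliations & ALLOWED_AFFILIATIONS:
        return False, "affiliation not permitted"
    return True, eppn[0]


# Constructed sample requests. The application sees attributes only, no password.
SAMPLES = {
    "staff": {"Shib-Identity-Provider": TRUSTED_IDP,
              "eppn": "alice@example.edu",
              "affiliation": "member@example.edu;Staff@example.edu"},
    "student": {"Shib-Identity-Provider": TRUSTED_IDP,
                "eppn": "bob@example.edu",
                "affiliation": "member@example.edu;student@example.edu"},
    "other_idp": {"Shib-Identity-Provider": "https://idp.other.example/shibboleth",
                  "eppn": "carol@example.edu",
                  "affiliation": "staff@example.edu"},
    "no_session": {},
}

if __name__ == "__main__":
    for name, env in SAMPLES.items():
        print(name, authorize(env))
```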