
BizTalk 2006: How UF Integrated BizTalk into their Identity Management System

BizTalk 2006: How UF Integrated BizTalk into their Identity Management System . Mike Conlon Director of Data Infrastructure George Bryan Project Manager Presented at Microsoft Higher Education Conference in Redmond, WA July 11, 2006. The University of Florida.



Presentation Transcript


  1. BizTalk 2006: How UF Integrated BizTalk into their Identity Management System Mike Conlon Director of Data Infrastructure George Bryan Project Manager Presented at Microsoft Higher Education Conference in Redmond, WA July 11, 2006

  2. The University of Florida
     • Largest and oldest university in Florida
     • 50,000 students in Gainesville
     • 2004-05: #3 in Bachelors degrees awarded, #4 doctoral; #1 professional
     • SAT quartiles V: 600-700; M: 620-710
     • Land grant, Medicine, Eng, Bus
     • $2B annual revenue; $500M research
     • 2006 NCAA Men's Basketball champions

  3. IT at UF
     • 500 IT professionals and developers across campus and the state
     • Very decentralized (very!)
     • Over 150 email services
     • 50,000 devices on the open network
     • Directory Project 2001-2003
     • PeopleSoft implementation 2002-2004
     • Active Directory project 2003-2004
     • Password Management 2004
     • Account Management 2006

  4. Principles for Identity Management (IDM)
     • Know the people in your environment
     • All credentials must be attributable to people you know
     • All authorizations must be attributable to people you know
     • Base credential strength on authorizations
     • Support a wide variety of platforms and vendor applications

  5. Identity Management at UF
     • Associate each person to a UFID (8 digit number) via UF Directory
     • Associate each computer credential (GatorLink username and password) to a UFID
     • Associate authorizations (roles) to UFID
     • Associate password policies to roles
     • Support Active Directory, NDS, LDAP, Kerberos, WebISO, Radius

  6. UF Directory
     • Authoritative person database since 2003
     • Coordinates 17 enterprise systems
     • New LDAP schema (eduPerson, eduOrg)
     • New UFID – 8 digit number
     • GatorLink tied to UFID
     • 50,000 new Gator One cards
     • 1,500 applications modified to eliminate SSN
     • New self-service apps
     • 800 directory coordinators identified and trained
     • New directory coordinator apps
     • Mainframe DB2 and APIs

  7. Directory and IDM
     • Directory coordinators establish identity
     • UFID assigned to individual
     • Identity resolution is manual
     • Self-service and directory coordinators for updating contact information
     • Authorized processes update official information (Student, HR)
     • 1.5M people in the UF Directory

  8. IDM Entities
     • Persons have UFID, contact info and Level of Assurance
     • Affiliations (faculty, staff, alum) identify relationship to university
     • Roles (PA_USER, UF_GRADER) define access to services
     • Credentials (GatorLink username and password) control authentication
     • Password Policies (1-5) regulate password strength

  9. IDM Entity Relationships

  10. IDM Starts With People
     • New people enter the environment in many ways. Over 800 directory coordinators are authorized to establish identity
     • All directory coordinators use a single web-based app to establish identity, creating a UFID for each new person
     • Identity resolution is manual
     • Two levels of assurance – strong and weak

  11. Credentials are Assigned to People
     • Credentials are created using a self-service application
     • Users pick their own usernames and their own passwords in accordance with policy
     • Credential information is pushed into other systems
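As an added illustration (not code from the UF project), the small model below encodes the entity relationships from slides 4, 5, 8 and 11: a Credential is only valid when it is attributable to a known Person with an 8-digit UFID, and the password policy (1-5) a credential must meet is derived from the strongest policy attached to the person's roles. The role-to-policy mapping and the per-policy length/character-class rules are assumptions made up for the example, not UF's actual policies.

```python
# Added example: IDM entity model with the slides' principles as checks.
# ROLE_POLICY and POLICY_RULES are assumed values, not UF's real policy table.
import re
from dataclasses import dataclass, field

UFID_RE = re.compile(r"^\d{8}$")  # slide 5: UFID is an 8 digit number

# Assumption: each role names the password policy (1-5) it requires.
ROLE_POLICY = {"PA_USER": 2, "UF_GRADER": 3}

# Assumption: policy n -> (minimum length, minimum number of character classes)
POLICY_RULES = {1: (6, 1), 2: (8, 2), 3: (8, 3), 4: (10, 3), 5: (12, 4)}


@dataclass
class Person:
    ufid: str
    assurance: str                      # "strong" or "weak" (slide 10)
    roles: set = field(default_factory=set)


@dataclass
class Credential:
    username: str                       # GatorLink username
    ufid: str                           # the person this credential belongs to


def attribute(cred, directory):
    """Slide 4: every credential must be attributable to a person you know.
    Returns the Person, or None if the UFID is malformed or not in the directory."""
    if not UFID_RE.match(cred.ufid):
        return None
    return directory.get(cred.ufid)


def required_policy(person):
    """Slide 4: base credential strength on authorizations, i.e. the
    strongest policy demanded by any role the person holds (policy 1 if none)."""
    return max((ROLE_POLICY.get(r, 1) for r in person.roles), default=1)


def char_classes(pw):
    return sum(bool(re.search(p, pw))
               for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))


def password_ok(pw, policy):
    """Slide 11: users pick their own password, but it must satisfy the policy."""
    min_len, min_classes = POLICY_RULES[policy]
    return len(pw) >= min_len and char_classes(pw) >= min_classes
```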

  12. Updating Credentials

  13. Problems with Updating
     • Legacy middleware is a collection of special scripts and privileges -- difficult to manage and change. Everything is custom
     • It breaks – about 20 times a month out of 5,000 updates
     • It doesn't scale – three integrations are in place, but no good way to get information to other systems regarding state changes in IDM

  14. What Is BizTalk?
     • BizTalk is an Enterprise Service Bus (ESB) which comprises the next generation of integration middleware
     • BizTalk is frequently described as the glue for business interoperability
     • BizTalk is a Swiss Army Knife for Internet business eCommerce and enables seamless communication across various platforms
     • BizTalk brings the promise and power of XML to businesses and to their existing and legacy systems

  15. Why BizTalk 2006?
     • Familiar development platform (.NET/SQL)
     • Easy deployment
     • Flexible and versatile
     • Existing support infrastructure (MS PSS)
     • Connectors to all major platforms
     • Common security framework
     • Good references (Fortune 500)
     • Cost

  16. BizTalk 2006 Adapters
     • Oracle, DB2 and SQL Server™ database connectors
     • Oracle, SAP, PeopleSoft, JD Edwards application suites
     • Windows SharePoint® Services
     • Additional adapters for TIBCO Rendezvous, TIBCO EMS, Amdocs ClarifyCRM, Host Files, Host Applications, POP3

  17. BizTalk Basics
     • Conceptual Overview
     • Logical Overview
     • Functional Overview

  18. Conceptual Processing Overview

  19. Logical Processing Overview

  20. Functional Overview – Receive Message

  21. Functional Overview – Route Message

  22. Infrastructure Design Considerations
     • BizTalk 2006 system requirements
     • BizTalk 2004 versus 2006
     • Deploying applications
     • Resumable transactions for received messages
     • 32 bit versus 64 bit
     • Virtualizing servers
     • SQL 2000 or SQL 2005
     • Clustering SQL
     • SSO placement
     • Enterprise BizTalk groups
     • Web tier considerations
     • Using MSMQ and SQL

  23. BizTalk Without Orchestrations
     • Receive and Send Ports
     • Data transformations
     • Enveloping
     • MaxOccurs = Unbounded
     Demo: data transformations, maps, functoids

  24. Adding Orchestrations
     • Long running transactions
     • Correlations
     • Dehydrating and hydrating messages
     • Using Business Rules
     • Promoting a field to context for use in business processes
     Demo: simple orchestration

  25. Tools of the Trade
     • Visual Studio (BizTalk Projects)
     • ILDASM – inspect a .NET assembly
     • XSD – generates .NET classes or XML Schema from XML or XSD
     • WSDL – generates code for XML web services from WSDL
     • BizTalk System Administrator
        • Message tracking
        • Debug message flow
        • Configuration
     • Message Box
        • Heart and soul of BizTalk
     • BizTalk Deployment Wizard
     • Altova XMLSpy
        • Excellent for XML/XSD development
        • More functionality than native tools (new version 2007)

  26. Lessons Learned
     • Develop enterprise-wide schemas
     • Good communication with all parties involved
     • Use native BizTalk capability where possible
     • Use SQL or MSMQ (File subsystem for testing only)
     • Use XML configuration files for all applications (never encapsulate parameters in code)
     • Keep an accurate KB of problems and resolutions
     • Use some kind of versioning for development code (Visual Team Suite, Visual SourceSafe 2005, or free solutions such as Subversion or TortoiseSVN)

  27. More Info
     • UFAD Web Site: www.ad.ufl.edu
     • GatorLink: www.gatorlink.ufl.edu
     • UF Directory: www.bridges.ufl.edu/directory
     • Contact: Mike Conlon mconlon@ufl.edu; George Bryan grbryan@ufl.edu
