100 likes | 243 Views
PubCookie Strategy and Tactics. Mike Conlon Director of Data Infrastructure University of Florida. Six Directory Systems. Registry (authoritative source) LDAP Kerberos (GatorLink) PeopleSoft AD NDS. Existing GL Auth.
E N D
PubCookie Strategy and Tactics Mike Conlon Director of Data Infrastructure University of Florida
Six Directory Systems • Registry (authoritative source) • LDAP • Kerberos (GatorLink) • PeopleSoft • AD • NDS
Existing GL Auth • GL Auth provides web sign-on using an identical architecture to PubCookie • Locally written • Authentication modules for Apache • In use at many sites around UF • Walk-up Internet Port Authenticator • Wireless Authentication
Options for Web Sign On • GL Auth • We know it. It works • PubCookie • You know it. It works • PeopleSoft • Have other sites consume the PeopleSoft logon credential
Why PeopleSoft? • Will become the authoritative source for directory information (Registry to be migrated to Campus Community, 7/2004) • Will become the single sign-on place for enterprise applications – Finance, HR, Student systems, Library, Portal, WebCT, Data Warehouse, …
The UF Web Portal – my.ufl.edu • Two strategic goals: • Provide a single point of entry for authenticated and authorized access to UF information resources • Provide a single delivery mechanism for time sensitive, role-based information for the UF community • Portal was launched 3/31/2003. 100,000 authorized users via Kerberos
Decision Points • Portal strategy emphasizes sign on at the portal – maximizes the synergy of the access point for applications and the access point for information • At the portal, we create a GL Auth Cookie, PubCookie in addition to the PeopleSoft cookie • PeopleSoft has password management capability built-in • An Apache module for the PeopleSoft cookie?
Current PubCookie Efforts • Upgrade the code to support non-SSL transactions • Evaluate use of PubCookie in the enterprise environment • Evaluate PubCookie production infrastructure requirements • Follow the WebISO effort, potentially contribute GL Auth code, WIPA
Authentication Road Map • Mar – Admin w/ GL Auth, launch portal • Apr – ISIS w/ GL Auth, Analysis -> Choose cookie from among GL Auth, PubCookie, PeopleSoft • May – Implement cookie in test, begin portal upgrade analysis • Jun – Analysis, design password processes, upgraded portal in test • Jul – change password mgt, convert ISIS, WebCT, Admin • Aug – relaunch portal w/ password mgt and cookie apps