PubCookie Strategy and Tactics

Download Report

Transcript PubCookie Strategy and Tactics 

PubCookie Strategy and Tactics
Mike Conlon
Director of Data Infrastructure
University of Florida
Six Directory Systems






Registry (authoritative source)
LDAP
Kerberos (GatorLink)
PeopleSoft
AD
NDS
Existing GL Auth
 GL Auth provides web sign-on using
an identical architecture to PubCookie
 Locally written
 Authentication modules for Apache
 In use at many sites around UF
 Walk-up Internet Port Authenticator
 Wireless Authentication
Options for Web Sign On
 GL Auth
 We know it. It works
 PubCookie
 You know it. It works
 PeopleSoft
 Have other sites consume the PeopleSoft
logon credential
Why PeopleSoft?
 Will become the authoritative source
for directory information (Registry to
be migrated to Campus Community,
7/2004)
 Will become the single sign-on place
for enterprise applications – Finance,
HR, Student systems, Library, Portal,
WebCT, Data Warehouse, …
The UF Web Portal – my.ufl.edu
 Two strategic goals:
1. Provide a single point of entry for
authenticated and authorized access to
UF information resources
2. Provide a single delivery mechanism for
time sensitive, role-based information
for the UF community
 Portal was launched 3/31/2003.
100,000 authorized users via
Kerberos
Decision Points
 Portal strategy emphasizes sign on at the
portal – maximizes the synergy of the
access point for applications and the access
point for information
 At the portal, we create a GL Auth Cookie,
PubCookie in addition to the PeopleSoft
cookie
 PeopleSoft has password management
capability built-in
 An Apache module for the PeopleSoft
cookie?
Current PubCookie Efforts
 Upgrade the code to support non-SSL
transactions
 Evaluate use of PubCookie in the
enterprise environment
 Evaluate PubCookie production
infrastructure requirements
 Follow the WebISO effort, potentially
contribute GL Auth code, WIPA
Authentication Road Map
 Mar – Admin w/ GL Auth, launch portal
 Apr – ISIS w/ GL Auth, Analysis -> Choose
cookie from among GL Auth, PubCookie,
PeopleSoft
 May – Implement cookie in test, begin portal
upgrade analysis
 Jun – Analysis, design password processes,
upgraded portal in test
 Jul – change password mgt, convert ISIS,
WebCT, Admin
 Aug – relaunch portal w/ password mgt and
cookie apps