Project Overview - PowerPoint PPT Presentation

About This Presentation
Title:

Project Overview

Description:

Store's session/password information. Pass request & response objects. Build independent solution ... DYA: define your acronyms! Validation. Active Directory ... – PowerPoint PPT presentation

Number of Views:20
Avg rating:3.0/5.0
Slides: 20
Provided by: robin148
Category:

less

Transcript and Presenter's Notes

Title: Project Overview


1
Project Overview
  • Single Sign On Solution
  • Robin Lilly

2
Description of Single Sign On
  • Single sign will allow user to sign on to UTEPs
    system one time and be logged into all the
    diverse systems from that one session.
  • Exchange Mail
  • DotNetNuke Portals
  • CAs CleverPath
  • GoldMine

3
Single Sign On Goals
  • Feasible
  • Scalable
  • Secure
  • Within budget
  • Immediate solution
  • Meets future needs
  • Independent of 3rd party systems

4
Some Problems Encountered
  • Dependence on CleverPath
  • Password to use in other systems was stored in
    CleverPath
  • Retrieval of Password will never be successful
    based on current API
  • Request Response objects
  • CleverPath XML API problems
  • No API to keep session alive when not in
    CleverPath
  • No successful creation of CleverPath Session
    without redirecting to CleverPath
  • No API ability to kill CleverPath session
  • Session Info is stored in CleverPath

5
Solution
  • Stores session/password information
  • Pass request response objects
  • Build independent solution

6
Look at some uses of Single Sign On
  • Sign On to System
  • Check if Im signed on

7
Sign On
Users
UI - User Login
Validation
Other System
CleverPathAPI
Active Directory
iPlanet
Create Session Info (SessionID, Encrypted
Password, Salt)
Session Data (Session, Password, UserName)
Session Cookie (Session Salt)
8
Check if Im Signed On
DNN
Session Cookie (Session Salt)
Various UTEP Sites
Various UTEP Sites
Validation
Session Status
Other System
CleverPathAPI
Active Directory
iPlanet
Is Session Active in Clever Path
Is Session Active in Database
Is Session Active in GoldMine
Create Session Info (SessionID, Encrypted
Password, Salt)
Goldmine
Goldmine
Clever Path
Gold Mine
It site
It site
Session Data (Session, Password, UserName)
Session Cookie (Session Salt)
CleverPath
CleverPath
9
Retrieve Attributes of My Self
Users
Active Directory
CleverPath
Other
Validation
  • New technology being used
  • Benefits
  • Standards being adopted
  • Benefits
  • Standards specifically being ignored
  • Drawbacks benefits
  • DYA define your acronyms!

10
Classes
  • Talk about supporting classes
  • Registry
  • MyRegistry
  • Rijndael
  • SessionInfo

See Page 2 of SingleSignOn Document
11
Users Session Classes
  • UsersDB class wraps the UserSessionInfo table
  • UserCredentials class is passed the Session
    Salt at instantiation
  • It then makes a call to GetUserSession
  • It then decrypts the password with a call to
    Rijndael

12
UserAttributes Class
  • UserAttributesInit()
  • Get Session Info from the cookie (SSO Class)
  • Gets UserCredentials from Database
  • GetUserAttributes()
  • Call iPlanet XML for attributes

See Page 3 of SingleSignOn Document
13
Single Sign On Class
  • Constructors
  • IsActiveSession()
  • Get Cookie Info
  • Check Database if Session is valid
  • Check other systems active

See Page 4-6 of SingleSignOn Document
14
Single Sign On Class (cont.)
  • LogIn(UserID,Password),
  • Remove Old Session Cookies
  • Generate Salt
  • AuthenticateUser(UserID, Password)
  • Call CleverPath XML API to Create Session
  • Store Session in Cookie and Database

See Page 7-8 of SingleSignOn Document
15
Single Sign On Class (cont.)
  • LogOut()
  • Calls RemoveSession()
  • Calls RemoveCleverPathCookie()
  • RemoveSession()
  • Removes Cookie Database Entry
  • RemoveCleverPathCookie()
  • Removes CleverPath Cookie

See Page 9 of SingleSignOn Document
16
Single Sign On Class (cont.)
  • GetSessionInfo()
  • Get Session Cookie
  • Put SessionId and Salt into SessionInfo

See Page 10 of SingleSignOn Document
17
Single Sign On Class (cont.)
  • SetSessionCookie(SessionID,Salt)
  • Writes an in memory cookie with SessionID and
    Salt Out
  • SetCleverPathSessionStillActive(SessionID)
  • Changes CleverPath Cookie to still be active

See Page 11-12 of SingleSignOn Document
18
Single Sign On Class (cont.)
  • GetSignOnURL(RedirectPage)
  • Returns the URL of the signon page with the
    return page as the page passed in

See Page 13 of SingleSignOn Document
19
Things CA should do
  • Changes to CleverPath API or do our own fix
  • Is Session Active
  • Remove Session
  • Keep Session Active
  • Fix CleverPath to go to Logout Screen
  • Fix CleverPath to go to Logon Screen

20
Things we need to do
21
Conclusion
  • No significant under site on design
  • Control with UTEP not CA
  • Can grow with UTEP
  • Probably have some new classes
  • CASystem Class
  • GoldMineSystem Class
Write a Comment
User Comments (0)
About PowerShow.com