External Authentication with WebCT. What We ll Discuss



Similar documents
Authentication Methods

SAP Certified Technology Professional - Security with SAP NetWeaver 7.0. Title : Version : Demo. The safer, easier way to help you pass any IT exams.

Single Sign-on (SSO) technologies for the Domino Web Server

SAML-Based SSO Solution

Configuring Sponsor Authentication

Crawl Proxy Installation and Configuration Guide

Architecture of Enterprise Applications III Single Sign-On

TIBCO Spotfire Platform IT Brief

NETASQ ACTIVE DIRECTORY INTEGRATION

How to build an Identity Management System on Linux. Simo Sorce Principal Software Engineer Red Hat, Inc.

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

Centralized Oracle Database Authentication and Authorization in a Directory

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN

Protected Trust Directory Sync Guide

Safewhere*Identify 3.4. Release Notes

Flexible Identity Federation

WHMCS LUXCLOUD MODULE

Pierce County IT Department GIS Division Xuejin Ruan Dan King

Deploying RSA ClearTrust with the FirePass controller

CA Performance Center

An Analysis of Propalms TSE and Microsoft Remote Desktop Services

Building Secure Applications. James Tedrick

Web Applications Access Control Single Sign On

qliqdirect Active Directory Guide

Single Sign On. SSO & ID Management for Web and Mobile Applications

BlueCoat s Guide to Authentication V1.0

From centralized to single sign on

Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos

Single sign-on enabled OpenCms

Enabling Federation and Web-Single Sign-On in Heterogeneous Landscapes with the Identity Provider and Security Token Service Supplied by SAP NetWeaver

Identity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE

Authentication Integration

Integrating Webalo with LDAP or Active Directory

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication

Getting Started Guide

SAML-Based SSO Solution

SSO Plugin. Release notes. J System Solutions. Version 3.6

Microsoft Outlook Web Access 2013 Authenticating Users Using SecurAccess Server by SecurEnvoy

Configuring User Identification via Active Directory

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

Integrating Biometrics into the Database and Application Server Infrastructure. Shirley Ann Stern Principal Product Manager Oracle Corporation

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

The increasing popularity of mobile devices is rapidly changing how and where we

USER GUIDE. Lightweight Directory Access Protocol (LDAP) Schoolwires Centricity

Security Provider Integration Kerberos Authentication

Integrating a Hitachi IP5000 Wireless IP Phone

F5 BIG-IP: Configuring v11 Access Policy Manager APM

Transport Layer Security Protocols

SAP SECURITY AND AUTHORIZATIONS - RISK MANAGEMENT AND COMPLIANCE WITH LEGAL REGULATIONS IN THE SAP ENVIRONMENT

Identity. Provide. ...to Office 365 & Beyond

INUVIKA OPEN VIRTUAL DESKTOP ENTERPRISE

Remote Access Options to University Resources. Samuel Petreski IT Security Office

How-to: Single Sign-On

Connecting Web and Kerberos Single Sign On

OneLogin Integration User Guide

Mod 2: User Management

SAML Security Option White Paper

InfoRouter LDAP Authentication Web Service documentation for inforouter Versions 7.5.x & 8.x

Remote Authentication and Single Sign-on Support in Tk20

UNI Login. Authentication

Integration with Active Directory. Jeremy Allison Samba Team

Configuring Single Sign-On for Documentum Applications with RSA Access Manager Product Suite. Abstract

OpenSSO: Cross Domain Single Sign On

Identity Server Guide Access Manager 4.0

Embedded Web Server Security

Mac OS X Directory Services

Using different Security Policies on Group Level for AD within one Portal. SSL-VPN Security on Group Level. Introduction

LDAP User Guide PowerSchool Premier 5.1 Student Information System

Agenda. How to configure

Web Authentication Application Note

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

Configuring Single Sign-on for WebVPN

Flexible Identity Federation

Authentication and access control in Sympa mailing list software

WebCT 3.7 Campus Edition System Administrator s Guide. Technical Communications

User Identification (User-ID) Tips and Best Practices

VMware Identity Manager Administration

Embedded Web Server Security

Securing Web Services With SAML

PowerLink for Blackboard Vista and Campus Edition Install Guide

Authentication and Single Sign On

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

This section includes troubleshooting topics about single sign-on (SSO) issues.

Connecting to Delta College Exchange services off-campus

SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy

How To Set Up A Macintosh With A Cds And Cds On A Pc Or Macbook With A Domain Name On A Macbook (For A Pc) For A Domain Account (For An Ipad) For Free

Single Sign-On for the UQ Web

Configuring. Moodle. Chapter 82

Shibboleth : An Open Source, Federated Single Sign-On System David E. Martin martinde@northwestern.edu

Juniper Networks Secure Access Kerberos Constrained Delegation

PROPALMS TSE 6.0 March 2008

Transcription:

External Authentication with WebCT WebCT, Inc http://www.webct.com/ What We ll Discuss Introductions Terminology Authentication in WebCT External Authentication Custom Authentication Authorization in WebCT Questions 1

Introductions Audience demographics General comments How many are using 3.5 Campus Edition How many are contemplating 3.5 Campus Edition How many are continuing to use Standard Edition or older versions Authentication Associate a network connection with a known entity Entity could be: user application or system SSL 2

Why Do We Authenticate? To identify a user Authorization Process to determine if the known entity has access to perform a specific function The role entity plays 3

Why Do We Authorize? To assign appropriate user access WebCT and Authorization Admin Admin interface only Designer Shared Designer Student Helpdesk mywebct 4

Types of Authentication Password Digital Certificate Biometrics WWW Authentication HTTP Basic The only standard for all browsers Password is always transferred across network No logout or timeout Ticket -based Use cookies to store ticket Timeout Logout 5

HTTP Basic Pros Standard Con Always passes password No timeout/logout No support for automatic signon Ticket Authentication Pros Easier to configure More secure Timeout/Logout possible Cons Requires cookies Non-standardized 6

WebCT and Authentication Associate a browser/client connection to a specific user in the WebCT database History of WebCT Authentication 1.0 HTTP Basic, per course 2.0 HTTP Basic, global 1.0 3.0 HTTP Basic, global 2.0 3.5 CE HTTP Basic, Ticket, Portal integration Vista (Cobalt) HTTP Basic, Ticket, Portal, network learning 7

WebCT Authentication Flavors Basic vs. Ticket Standard Kerberos LDAP Automatic signon WebCT Open Authentication Kit (WOAK) HTTP Basic and WebCT User Username:password WebCT Content WebCT Web Service Authenticated Username:password Internal User Database 8

CE Ticket Authentication User 1 4 username:password WebCT Content + Cookie WebCT Web Service 2 3 Authenticated user Username:password Internal User Database External Authentication User 1 username:password 6 WebCT Content + Cookie WebCT Web Service 4 username:password 5 Authenticated External User Database 2 user exists 3 username Internal User Database 9

WebCT Standard Authentication Password stored in WebCT Global database Berkeley DBM flavor for database NDBM GDBM Sleepycat BDM Password stored in DES Crypt External Authentication External authentication out of the box Kerberos v 5 LDAP Windows 2000 Domain Controllers Customized Authentication Automatic signon WOAK 10

External Authentication with WebCT WebCT defers to external system for authentication Authorization is handled by WebCT Authentication system and WebCT must be synchronized at username level Reasons for Using External Authentication Standardize Improve usability Reduce management costs Implement a single signon policy Implement an auto signon system Integrate a portal 11

Kerberos Standard Network Authentication Protocol RFC Developed at MIT Used in Windows 2000 Domain Controllers Most secure authentication protocol Should use SSL with WebCT LDAP Lightweight Directory Access Protocol What a directory is and why LDAP is used RFC 2251 ( ) How LDAP authentication works Windows 2000 and Active Directory 12

Single Signon Policy that defines which systems should have shared authentication Automatic Signon Originally intended for portal integration Only used with ticket authentication Can be written in any programming language Requires WebCT Standard and auto signon API Application bugs don t bother WebCT 13

Automatic Signon One system accepts the authentication of another Kerberos Portals Internet 2 Shibboleth Automatic Signon Process 1. Application authenticates user 2. User chooses to enter WebCT Course, MyWebCT or Tool 3. Application finds IMS ID (WUUI in 3.5) 4. Application generates timestamp and MD5 MAC 5. Call auto signon URL with required data 14

WebCT Open Authentication Kit (WOAK) Rewrites the authentication libraries in WebCT Only written in C Ticket or Basic Application bugs can cripple WebCT Requires consulting services Synchronization Authentication is relatively simple Authorization must be managed by WebCT Authentication and WebCT database must be synchronized How Master Everyone must be in both systems 15

WebCT Professional Services Experts with in depth knowledge of WebCT Assistance with implementation, scalability and installation Example code Java, Perl or WOAK Testing parameters to facilitate support calls Questions? 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information