Zeroth Click Andrew Petro JA-SIG Atlanta, December 4, 2006 © Copyright Unicon, Inc., 2006. This work is the intellectual property of Unicon, Inc. Permission.

Slides:

Advertisements

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

Advertisements

Directorate of Learning Resources Accessing electronic journals from off-campus This causes lots of headaches, but dont despair, heres how to do it! If.

Accessing electronic journals from off- campus This causes lots of headaches, but dont despair, heres how to do it! (Please note – this presentation is.

Central Authentication Service Roadmap JA-SIG Winter 2004.

WebISO PanelEducause SAC Implementing Single Sign On Technologies for Campus Portals Panel Nathan Dors, Project Lead Security/Middleware Unit Univ.

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.

Design & Development Scott Battaglia Application Developer Enterprise Systems and Services Rutgers, the State University of New Jersey

Your NEW Social Services Verification Tool

XML Import & Export for uP 2 Using Cernunnos Andrew Petro & Drew Wills April 2007 uPortal Dev Meeting Johns Hopkins University © Copyright Unicon, Inc.,

1 June 10-15, 2012 Growing Community; Growing Possibilities uPortal Integration in Action Jim Helwig University of Wisconsin-Madison.

Innovation and Outcomes: Voices of Experience Purdue University Calumet Midwest Educause Conference Monday, March 13, 2006 Heather L. Zamojski: Course.

Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

New uPortal Contributions from the University of Wisconsin-Madison Jim Helwig University of Wisconsin-Madison Eric Dalquist Unicon, Inc. JA-SIG December.

Portal Anthony Colebourne Internet Services January 2006.

End and Start of Year Administration Tasks. Account Administration Deleting Accounts Creating a Leavers Group Creating New Accounts: Creating accounts.

The Homegrown Single Sign On (SSO) Project at UM – St. Louis.

JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright.

It’s All in How You “Sell” It Pay for Print vs. Print Conservation:

Web Portal Development with uPortal or.Net Midwest Educause: March 24-26, 2003 David B. Williams Mark Troester

Planning for Ecological Diversity in New Learning Environments: Interoperability Between Libraries and Course Management Systems Louis King, University.

Moving Out of The Shadows: Shining a Light on Data David Rotman Director of Computer Services Mark Mazelin Web Development Coordinator Copyright David.

University of California, Irvine Security Access Management at UC Irvine: Adding Decentralization and Ending Paper Mark Askren, Assistant Vice Chancellor.

Darrel S. Huish Katherine J. Ranes Arizona State University Lessons Learned During the First Year of myASU, a Large Institution Portal Copyright Darrel.

Open Your Eyes: Open Architecture, Open Source, Open Projects Mid-Atlantic Educause January 12, 2005 Copyright Patricia Gertz This work is the intellectual.

Learning Management Systems Camp June 2004 Barry R Ribbeck UT HSC Houston Copyright, Barry Ribbeck, This work is the intellectual property of the.

Putting the We in… We are Penn State! Copyright [Carol Findley, Lisa Dibert] [2003]. This work is the intellectual property of the authors. Permission.

You’ve Built The Pieces, Now Integrate Your Enterprise! Mid-Atlantic Regional Conference January 17, 2003 Patty Gertz, Princeton University

Beyond the Campus Gates: Bringing Alumni, Parents, and Prospects into the Campus Portal William P. Wilson Mark R. Albert John C. Duffy Gettysburg College.

Educause 2006, Dallas TX What does a University need from Access Management? John Paschoud InfoSystems Engineer, LSE Library London School of Economics.

Campus Technology 08 Shootout! Bracing for the Next-Gen Student Wave: Myth or Mandate? Next-Gen Students “Speak Up” – Are we listening? Julie Evans Project.

Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.

3 Nov 2003 A. Vandenberg © Second NMI Integration Testbed Workshop on Experiences in Middleware Deployment, Anaheim, CA 1 Shibboleth Pilot Local Authentication.

UNICON Warlock Portlets A.K.A. toro-portlets Andrew Wills JA-SIG 2007 Summer Conference, Denver Tuesday June 26th, 2007 © Copyright Unicon, Inc., 2006.

Pay for Print vs. Print Conservation: It’s All in How You “Sell” It © Kathy Gervasi and Bill Thieke, This work is the intellectual property of the.

Surveying patrons with the Impact Survey A fast, easy way to gather feedback from the community about public technology needs Samantha Becker, MLIS, MPA.

Phone Tips Teresa Shibao & Paul Dial January 19, 2010.

Ideas to Improve SharePoint Usage 4. What are these 4 Ideas? 1. 7 Steps to check SharePoint Health 2. Avoid common Deployment Mistakes 3. Analyze SharePoint.

Registration and Log-in Flow Benjamin Melançon agaric.com & dgd7.org.

UPortal 101 JA-SIG Pre-conference Seminar Susan Bramhall & Andrew Petro Vancouver, BC, June 4, 2006.

DLM: The uPortal Pushmi-Pullyu JA-SIG with Altitude, Denver 2007 Susan Bramhall,Yale University Jim Helwig, University of Wisconsin-Madison.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Copyright 2008, Elizabeth A. Evans. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

New uPortal Contributions from the University of Wisconsin-Madison Jim Helwig University of Wisconsin-Madison Eric Dalquist Unicon, Inc. JA-SIG December.

CAS Lightning Talk Jasig-Sakai 2012 Tuesday June 12th 2012 Atlanta, GA Andrew Petro - Unicon, Inc.

Security Access Management at UCI – Slaying the Paper Forms Dragon Mark Askren, Assistant Vice Chancellor Valerie Jones, Project Lead Jennifer Lane, Help.

UPortal Import/Export Drew Wills JA-SIG Winter Unconference, November 12, 2007 © Copyright Unicon, Inc., This work is the intellectual property of.

A Community of Learning SUNGARD SUMMIT 2007 | sungardsummit.com 1 Extending SSO – CAS in Luminis Presented by: Zachary Tirrell Plymouth State University.

Copyright © 2003, The University of Texas at Austin. This work is the intellectual property of the author. Permission is granted for this material to be.

Introduction to Spring Web Flow Andrew Petro Software Developer Unicon, Inc. Jasig 2011 Westminster, CO 23 May 2011 © Copyright Unicon, Inc., Some.

Mtivity Client Support System Quick start guide. Mtivity Client Support System We are very pleased to announce the launch of a new Client Support System.

The Unexpected Webification of FRS Financial Records System or Steve Machuga Gil Thornfeldt “A funny thing happened on the way to electronic forms” Copyright.

Recent Unicon OpenSource Activity relevant to uPortal Andrew Petro uPortal Developer meeting at Johns Hopkins University, 23 April 2007 © Copyright Unicon,

Cdigix at Yale Chuck Powell Director, Academic Media & Technology, ITS Yale University September 15, 2004 Copyright Charles Powell.

Improving the Social Nature of OnLine Learning Tap into what students are already doing Tap into what students are already doing Educause SWRC07 Copyright.

Www2.computer.org Web Publishing Training Leo Wadsworth, Staff Manager April 2008.

Portals and Web Standards Lessons Learned and Applied David Cook Copyright The University of Texas at Austin This work is the.

| imodules.com Top 10 FAQ in Application Support Kelly Schmiedeler & Amber Quayle.

UPortal 2.6 Status Update Andrew Petro uP dev 24 April 2007 © Copyright Unicon, Inc., This work is the intellectual property of Unicon,

Rendering Syndicated Library Content in an Institutional Portal: Integrating MyLibrary into uPortal John Fereira: Cornell University Eric Lease Morgan:

Copyright Michael Dieckmann, Geissler Golding, Melanie Haveard This work is the intellectual property of the author. Permission is granted for this material.

Wake Forest Content Migration Strategy Jolie Tingen – WF, Patty Wolfe – Unicon, Dan McCallum – Unicon Sakai Conference - Denver, Jun 17, 2010 © Copyright.

NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.

1 Carl Berger NlII Spring Focus: Survey results Copyright Carl Berger This work is the intellectual property of the author. Permission is granted.

Mobile Testing - Bug Report

Identity and Access Management Challenges in uPortal

Applications of Virtualization & Automation

Presentation Mastery Stop Presenting – Start Connecting

myIS.neu.edu – presentation screen shots accompany:

VuFind APIs - A practical approach

Central Authentication Service

Presentation transcript:

Zeroth Click Andrew Petro JA-SIG Atlanta, December 4, 2006 © Copyright Unicon, Inc., This work is the intellectual property of Unicon, Inc. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of Unicon, Inc. To disseminate otherwise or to republish requires written permission from Unicon, Inc.

You are missing out on It’s the Enterprise, Dude A Community Source Notification System Integration of Version Control and Code Migration Processes

This presentation Ideas, hints, and patterns for high-value unauthenticated portal experiences.

Meet your speaker Andrew Petro Previously with Yale University –Technology and Planning Now at Unicon, Inc. –“Academus Development Lead”

uPortal is really cool Pluggable authN Flexible attribute collection Agile Groups Nuanced permissions Powerful layout capabilities Adjectives dripping all over the place

uPortal is really cool Pluggable authN Flexible attribute collection Agile Groups Nuanced permissions Powerful layout capabilities Adjectives dripping all over the place

All this coolness requires AuthN If only you would log in, all these wonderful things could follow It’s a lot like Marley being dead to begin with.

If only you would log in We’d know who you are We’d have attributes about you We’d know what groups you’re in We’d know what permissions you have We could build your layout

Rutgers baked this into a strategy Keys to Portal Success: –Hire a vendor (no joke!) –Focus on the logged in user experience Heroics to eliminate the guest user and replace with a static page

Wow, this is a short presentation In conclusion, for anything cool to happen, the users gotta login. So, like, encourage them to do it.

Andrew Petro Questions?

Well Maybe we can do something interesting with the guest page…

Logging in is over rated

Look ma, no login

Why? Headlines Headlines

Why? Events Events

Full Disclosure Not implemented as directly uP rendering But it could have been PHP integrations are not a bad thing

Some coolness *doesn’t* require AuthN Universities are brimming with public information, events, discoveries, announcements that are not secret

No one wants a portal Very few users have the goal of accessing the portal They have the goal of getting heads up information, accessing services Portal as tool to accomplish those goals If you can solve that goal in fewer clicks or with less overhead, you probably should. No bonus points for extra pain, after all.

Gaining adoption and logins High value services when logged in Opportunity to put information in front of student eyeballs Sometimes, even hold some coolness back

Network Registration

*Reducing* logins Say what? Control the load Especially at the highest usage moments Control the “burstyness”

Guest user What you get when you’re not logged in Can still proxy and aggregate Can still cache

ICacheable Cache keys can be –User scoped –System scoped

Idea: special URLs for accessing the portal Browser provides hint –Campus cluster computer homepage? –Different links depending on where you come from?

Yale SAM Kiosks Service and Maintenance employees

Susan Bramhall is here She did most of the work and can speak to implementation details And how this has worked out over time (And tell her to be in the JA-SIG “speed dating” rotation next conference so she can spread the word about this)

Tricks to be had here Genuinely multiple guest users Re-use a regular user account with preferences locked down

Considering the remote address Hints as to on-campus, off-campus, where on campus Like the special URL tricks?

Remote address as parameter to remote feeds?

Cookies “Remember me on this computer”?

Remember Me Amazon.com approach “Mostly logged in” –Think of it as weak authN –Until you do something sufficiently important –At which point you more strongly authenticate

“Echo user” idea User that gets my layout Has some of my user attributes as cached Is member of “presumed-Student” etc. groups DLM degrades layout appropriately given degraded permissions

An echo of a user

CAS has some neat outcomes here Portal cannot proxy an authentication you don’t have So content that requires strong authentication to go get data from elsewhere –Fails gracefully? –Well, can fail gracefully –DLM dropping unauthorized content –CError extension

Implementing Well, remember that uPortal is really cool…

uPortal is really cool Pluggable authN Flexible attribute collection Agile Groups Nuanced permissions Powerful layout capabilities Adjectives dripping all over the place

Pluggable Authentication So plug in AuthN that considers “remember- me” cookies or remote address or hint URLs.

Pluggable attribute sources So plug in sources that draw attributes from cache And filter / merge strategies that appropriately filter the cache?

Pluggable groups So create some less-certain echo groups?

Echo groups Everyone LikelyStudents Students

Permissions can cope with this Yes, this adds complexity (More on that shortly) But uPortal permissions *can* model this How do you want the experience to degrade? –What am I allowed to see and do when I’m only weakly authenticated?

Powerful layout capabilities Degrade just-in-time appropriately Control which layout portions you get when weakly authenticated

Sobering thoughts Don’t run out and implement this It’s something to think about Tradeoff of complexity / more nuanced user experience But even if you don’t go implement these use cases –Demonstrates the power of the platform

Making login less painful Single Sign On –CAS –Others

Bootstrapping a CAS login CAS “gateway” parameter allows trying for a “freebie” CAS login *without* CAS interrupting flow with login screen

Gateway Tells CAS to redirect back without a ticket if one cannot be acquired non-interactively (e.g., via an established SSO session). Allows you to provide the best user experience possible under the circumstances.

Public Portal

Authenticated Portal

First request to the portal

CASify all requests

Login Screen

But I just wanted the weather…

Needlessly locking public information

Effective use of Gateway 1)Authenticated, personalized content 2)Public, generic content 3)Login screen

Many opportunities with uPortal Compelling user experiences, whether –Unauthenticated –Weakly authenticated –Strongly authenticated uPortal can start delivering value from the zeroth click

Andrew Petro Questions?