Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.

Published byMarion Edwards Modified over 9 years ago

Similar presentations

Presentation on theme: "SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005."— Presentation transcript:

1 SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005

2 Opening Slide Session Objectives: –Understand the Blackboard Academic Suite™ security and permissions architecture –Review options available Innovation –Discover opportunities Results/Outcomes –Improve service to users –Reduce support costs

3 Agenda Authorization Session Management Authentication –Configuration Options –Single Log-in –Single Sign-on Authorization Session Management Authentication User Identity Resources

4 Authorization Self Contained in Blackboard® GUI Configuration Allows the user to perform sets of actions Software driven Authorization Blackboard Database Blackboard Database User ID ??? Who are you? What do you want? Permission to see it. Permission to do it.

5 System Privileges course.images.MODIFY course.settings.MODIFY course-catalog.CREATE course-catalog.DELETE course-catalog.MODIFY course-catalog.settings.MODIFY course-categories.VIEW discussion-board.CREATE discussion-board.DELETE discussion-board.MODIFY discussion-board.VIEW email-all-instructors.EXECUTE email-all-students.EXECUTE email-all-users.EXECUTE email-support.MODIFY

6 Authorization and Session Management Session Manager maintains ID Authorization requests ID Authorization Session Management Who are you? User ID

7 Blackboard Session Management Session Launch Session Cookie/Table Timeout Stateful Session Management Cookie Session ID User ID Blackboard User ID

8 Sessions Across Servers Session Affinity Cookie-based Session Cache Load Balancer App1 File Server App2 App3 Database

9 User_ID Authentication Who are you? –How do we get the user ID? Can we trust you? –How do we secure the process? Session Management

10 Basic Workflow Authorization Session Management Authentication

11 Authentication Options Default Single Log-in –LDAP Single Sign-On –Web Server Delegation Windows (IIS) UNIX (Apache) Shibboleth –Custom Pass-Through Authentication

12 Default Blackboard Authentication Uses a Challenge/Response Mechanism Does not send the password over the network in “clear text” form Does not store passwords in “clear text” Authentication Properties = RDBMS

13 Challenge/Response Mechanism User Requests Login Page Server sends login page with Challenge User Enters Credentials; Credentials are submitted with Challenge and MD5 Encrypted Server receives credentials, uses challenge to compare the password with the MD5 password stored in the Bb database

14 Single Log-In Application1 Application3 username & password Application2 username & password Directory Service One Username and Password pair for multiple Applications

15 Blackboard LDAP Authentication Configuration setting “plugs” Blackboard into existing infrastructure and enables Single Login Provides for multiple directories and fallback for Blackboard only users LDAP v2, but…

16 Blackboard Directory Service HTTPS LDAP(S) username & password YES or NO Directory Service LDAP Authentication Security Configuration Fallback

17 Authentication Service/Gateway Authentication Service/Gateway Directory Service Single Sign-On Application1 Application3 username & password Application2 One Username and Password submission for all applications

18 Web Server Delegation Types –Apache Mods –IIS/Active Directory –Custom Reconcile, Create or Deny User Registry or Batch_UID

19 Web Server Delegation Blackboard Web Server User ID Session Management Authentication Remote_User

20 Authentication Service/Gateway Authentication Service/Gateway Institutional Single Sign-On Application1 Application3 Application2 WebServer Web Initial Sign-On

21 Pass Through Authentication Application 1 Authentication Session Mngr Blackboard Handler Session Mngr User ID Application 2 Handler Session Mngr Context –/webapps/blackboard/launch_external.jsp –Context Encryption

22 Log Out No workflow is complete without the LOG OUT procedures Review Use Cases!! Check sessions of all applications Application1 Application3 Application2

23 Closing Slide Innovating Together in ‘05: –Authorization, Session Management, Authentication –Authentication methods Resources Available: –Blackboard Authentication Manual –Blackboard Administrators Manual –Web Initial Sign-on (http://middleware.internet2.edu/webiso/) Follow up Contact(s): –Jeff Kelley, Solutions Engineer jkelley@blackboard.com IF YOU ONLY REMEMBER 1 THING: –Don’t forget to log out!

Download ppt "SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005."

Similar presentations

Implementing Tableau Server in an Enterprise Environment

Implementing Tableau Server in an Enterprise Environment
Different Approaches to Single-Sign-On Jeff Kahn, Verbena Consulting.

Different Approaches to Single-Sign-On Jeff Kahn, Verbena Consulting.
METALOGIC s o f t w a r e © Metalogic Software Corporation 2004-2006 DACS Developer Overview DACS – the Distributed Access Control System.

METALOGIC s o f t w a r e © Metalogic Software Corporation DACS Developer Overview DACS – the Distributed Access Control System.
Privileged Identity Management Enterprise Password Vault

Privileged Identity Management Enterprise Password Vault
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Securing web applications using Java EE Dr Jim Briggs 1.

Securing web applications using Java EE Dr Jim Briggs 1.
Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.

Novell iChain ® 2.x Configuration Using the Web Server Accelerator Wizard Cary Andrews Senior Software Engineer Novell, Inc.
WEB2P security Java web application security Dr Jim Briggs.

WEB2P security Java web application security Dr Jim Briggs.
Introduction To Windows NT ® Server And Internet Information Server.

Introduction To Windows NT ® Server And Internet Information Server.
Blackboard Building Blocks Authentication Overview Tuesday, June 30, 2015 Tom Joyce, Product Manager, Platform Architecture & Database.

Blackboard Building Blocks Authentication Overview Tuesday, June 30, 2015 Tom Joyce, Product Manager, Platform Architecture & Database.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Securing Enterprise Applications Rich Cole. Agenda Sample Enterprise Architecture Sample Enterprise Architecture Example of how University Apps uses Defense.

Securing Enterprise Applications Rich Cole. Agenda Sample Enterprise Architecture Sample Enterprise Architecture Example of how University Apps uses Defense.
Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.

Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.
Authentication via campus single sign-on 2012 VIVO Implementation Fest.

Authentication via campus single sign-on 2012 VIVO Implementation Fest.
Enterprise Single Sign On Identity management for web applications.

Enterprise Single Sign On Identity management for web applications.
Windows Security Mechanisms Al Bento - University of Baltimore.

Windows Security Mechanisms Al Bento - University of Baltimore.
1 ASP.NET SECURITY Presenter: Van Nguyen. 2 Introduction Security is an integral part of any Web-based application. Understanding ASP.NET security will.

1 ASP.NET SECURITY Presenter: Van Nguyen. 2 Introduction Security is an integral part of any Web-based application. Understanding ASP.NET security will.
Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd
Copyright © 2007, SAS Institute Inc. All rights reserved. SAS Activity-Based Management Survey Kit (ASK): User Management & Security.

Copyright © 2007, SAS Institute Inc. All rights reserved. SAS Activity-Based Management Survey Kit (ASK): User Management & Security.

Similar presentations

Ads by Google