Presentation is loading. Please wait.

Presentation is loading. Please wait.

Meteor & Mapping Your Future: Leveraging Technology to Provide Enhanced Services 3 rd Annual Conference on Technology & Standards May 2, 2006.

Published byStanley Mosley Modified over 8 years ago

Similar presentations

Presentation on theme: "Meteor & Mapping Your Future: Leveraging Technology to Provide Enhanced Services 3 rd Annual Conference on Technology & Standards May 2, 2006."— Presentation transcript:

1 Meteor & Mapping Your Future: Leveraging Technology to Provide Enhanced Services 3 rd Annual Conference on Technology & Standards May 2, 2006

2 Mapping Your Future Mapping Your Future (MYF) is a public- service web site (mapping-your- future.org) providing career, college, financial aid, and financial literacy information and services.

3 Meteor Meteor is a web-based universal access channel for financial aid information. Information from multiple data providers is aggregated to assist the FAP and the borrower with the financial aid process, repayment and default aversion. Meteor is a collaborative development effort utilizing leading-edge technology. Meteor is a web-based universal access channel for financial aid information. Information from multiple data providers is aggregated to assist the FAP and the borrower with the financial aid process, repayment and default aversion. Meteor is a collaborative development effort utilizing leading-edge technology.

4 Collaboration Both are collaborative projects of the financial aid industry Similar missions Can better serve students, families, and schools Sharing diverse education and experience Sharing technological expertise Both are collaborative projects of the financial aid industry Similar missions Can better serve students, families, and schools Sharing diverse education and experience Sharing technological expertise

5 Collaborative Projects Meteor school display: Display data for school users who login to On-line Student Loan Counseling (OSLC) Financial Aid Office (FAO) Access Area Meteor Student display: Display data for students completing OSLC (exit counseling) Meteor school display: Display data for school users who login to On-line Student Loan Counseling (OSLC) Financial Aid Office (FAO) Access Area Meteor Student display: Display data for students completing OSLC (exit counseling)

6 Basic Meteor Set-up

7 Install App Server Meteor Software Data Connectors or Drivers Configure Keys/Certificate Properties Files SSL Connectivity Customize Authentication Method Data Access Three Major Steps

8 Java Application Server An App Server is a web server that serves “Java Servlets” and JSP pages (similar to ASP, PHP, CGI, etc.) Meteor is known to work on several app servers. Greatest support is available for Apache Tomcat, which is free Meteor Application(s) Meteor applications will “deploy” out of the box on most app servers. Install Custom Drivers/Connectors Install any drivers/connectors necessary to access your legacy data using Java (SQL, Mainframe bridge, etc.). Step 1 - Install

9 Create a JKS (Java) key pair Have certificate signed by a known CA (Verisign, Thawte, etc.) Private key resides on Meteor server Create Key Pair and Configure SSL Step 2 - Configure

10 Public key is placed in the Meteor Registry Configure App Server to use SSL Communication Only Note: You generally cannot use an existing IIS or Apache SSL certificate. They’re not stored in the same format. Create Key Pair and Configure SSL Step 2 - Configure

11 Each key can “unlock” data that was “locked” by the other key but cannot unlock info it locked itself. If a document is modified in transit, “unlocking” it will fail. Assures a valid meteor participant is requesting the data Why use a Key Pair?

12 Step 2 - Configure Assures that a request hasn’t been modified by some 3rd party Standard SSL encrypts the request and response Third-party signature (Verisign, Thawte, etc.) verifies that each organization is valid/reputable Why use a Key Pair?

13 Step 3 – Customize Meteor does not ship with its own authentication system Must choose one of two methods: 1. Implement Java code“IUserAuthentication” to “talk to” your existing authentication system. 2. Implement code in your existing system to create a “SAML Assertion” that can be passed to Meteor to verify that the user has been logged-in. (Recommended) End-User Authentication

14 Step 3 – Customize Meteor team can provide sample Java code for method #2 Method #2 can theoretically be performed in any language. Some proofs of concept exist. End-User Authentication

15 Step 3 – Customize SAML = “Security Assertion Markup Language” http://www.oasis-open.org/ SAML assertions are XML documents What is a SAML Assertion?

16 Step 3 – Customize A SAML Assertion says: I logged this user in I’m “Level N” sure of the person’s identity (N=1 to 3) This user has a certain access role (FAO, Borrower, etc.) What is a SAML Assertion?

17 Step 3 – Customize SAML assertions digitally signed with an entity’s private key SAML assertions can be used for single sign-on applications What is a SAML Assertion?

18 Step 3 – Customize Authentication Using SAML (Recommended) 1.Organization’s existing enterprise sign-on system is modified to create a SAML Assertion after authenticating the user. 2.User clicks form submit button and assertion is passed to Meteor via HTTP Post.

19 Step 3 – Customize Authentication Using SAML (Recommended) 3.Meteor validates SAML Assertion against the public key in the Meteor Registry and grants or denies access as appropriate. Note: Java classes and sample code exist to create the SAML Assertion.

20 Step 3 – Customize Data Provider Customization How do I link Meteor to my data? 1.Implement DataServerAbstraction Interface 2.Retrieving Data 3.Creating the Response Where can I find help?

21 Step 3 – Customize Public MeteorDataResponse getData(MeteorContext context, String ssn) Security Token Contained within the MeteorContext Requestor Role (Borrower, FAO, CSR) Opaque User Id Implementing DataServerAbstraction Interface

22 Step 3 – Customize 1.Use existing Meteor sample code Predefined database schema Data must be loaded into database 2.Direct access to production data SQL embedded Real time access to data 3.Transaction Calls RPC, MQ, SOAP, CICS Gateway Retrieving Data

23 Step 3 – Customize MeteorDataResponse Object Mapping Data Data is mapped to container classes. Start early in the process. Seek help from business experts. Meteor software handles formatting the response. Creating the Response

24 Step 3 – Customize Meteor Tech Team List Server Sample Code http://www.meteorcentral.com Source Code Production Releases http://www.nchelp.org/meteor.htm Documentation Meteor Setup Guide Help Resources

25 MYF Exit Counseling Pilot Integration of Real-Time Data

26 Overview of Project Mapping Your Future (MYF) and Meteor have collaborated to create Meteor Borrower Display, a customized application that allows student loan borrowers to view their loan data via the Meteor network, in real time, when completing Mapping Your Future’s Online Student Loan Counseling (OSLC). New York State Higher Education Services Corporation contributed significantly to the application, initiating a full production pilot. Mapping Your Future (MYF) and Meteor have collaborated to create Meteor Borrower Display, a customized application that allows student loan borrowers to view their loan data via the Meteor network, in real time, when completing Mapping Your Future’s Online Student Loan Counseling (OSLC). New York State Higher Education Services Corporation contributed significantly to the application, initiating a full production pilot.

27 Overview of Project This default prevention initiative benefits both schools and students – helping schools meet regulatory requirements to provide loan indebtedness information during exit counseling and providing students with real- time information about their student loans. This makes for a much more valuable exit counseling experience.

28 Flowchart

29

30

31

32

33

34

35

36

37 MYF Technical Requirements Meteor installation Ability to accept/pass SAML New XSLT file Parse/display XML using ColdFusion Meteor installation Ability to accept/pass SAML New XSLT file Parse/display XML using ColdFusion

38 Meteor Technical Requirements Implemented Meteor Authentication Provider by leveraging HESC’s existing authentication application (HescPIN) Create HescPIN authentication requests Parse HescPIN authentication responses Use Meteor’s SAML library to generate & send a HESC signed SAML assertion to MYF Implemented Meteor Authentication Provider by leveraging HESC’s existing authentication application (HescPIN) Create HescPIN authentication requests Parse HescPIN authentication responses Use Meteor’s SAML library to generate & send a HESC signed SAML assertion to MYF

39 Benefits of the Project

40 Collaborative Approach MYF and HESC are able to leverage existing technology to offer enhanced services MYF provides HESC customers with an improved exit counseling experience. Meteor provides students accurate & up to date information. HESC can provide access to this feature for any school. (Students must have a HescPIN to see Meteor data as part of their exit counseling session.) MYF and HESC are able to leverage existing technology to offer enhanced services MYF provides HESC customers with an improved exit counseling experience. Meteor provides students accurate & up to date information. HESC can provide access to this feature for any school. (Students must have a HescPIN to see Meteor data as part of their exit counseling session.)

41 Contacts Christopher Cooper, Supervisor of Data Processing Services New York State Higher Education Services Corporation 518-473-8824 ccooper@hesc.org Al Walser, Senior Programmer Analyst Mapping Your Future™, Inc. 512-869-8242 allen.walser@mapping-your-future.org Tim Cameron, Project Manager Meteor 954-565-7229 meteor@nchelp.org Christopher Cooper, Supervisor of Data Processing Services New York State Higher Education Services Corporation 518-473-8824 ccooper@hesc.org Al Walser, Senior Programmer Analyst Mapping Your Future™, Inc. 512-869-8242 allen.walser@mapping-your-future.org Tim Cameron, Project Manager Meteor 954-565-7229 meteor@nchelp.org

Download ppt "Meteor & Mapping Your Future: Leveraging Technology to Provide Enhanced Services 3 rd Annual Conference on Technology & Standards May 2, 2006."

Similar presentations

Split Servicing: Tools and Strategies to Help Track and Manage Debt Presented by: Tim Cameron The Meteor Project Manager National Council of Higher Education.

Split Servicing: Tools and Strategies to Help Track and Manage Debt Presented by: Tim Cameron The Meteor Project Manager National Council of Higher Education.
Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.

Campus Based Authentication & The Project Presented By: Tim Cameron National Council of Higher Education Loan Programs.
Running PHP on Windows Server 2008 and IIS 7 Rob Cameron Developer Evangelist, Communications Sector Microsoft.

Running PHP on Windows Server 2008 and IIS 7 Rob Cameron Developer Evangelist, Communications Sector Microsoft.
Secure Sockets Layer eXtended (SSLX) Next Generation Internet Security Overview Presentation April 2011.

Secure Sockets Layer eXtended (SSLX) Next Generation Internet Security Overview Presentation April 2011.
CUMREC 2005 Creating A Suite of Convenience Services for Clients and Developers Deb Nelson – Systems Analyst Larry Newhouse – Information Systems Leader.

CUMREC 2005 Creating A Suite of Convenience Services for Clients and Developers Deb Nelson – Systems Analyst Larry Newhouse – Information Systems Leader.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
1 eAuthentication in Higher Education Tim Bornholtz Session #47.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.
6/4/2015Page 1 Enterprise Service Bus (ESB) B. Ramamurthy.

6/4/2015Page 1 Enterprise Service Bus (ESB) B. Ramamurthy.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
1 Java Server Pages Can web pages be created specially for each user? What part does Java play?

1 Java Server Pages Can web pages be created specially for each user? What part does Java play?
Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.

Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Web Development & Design Foundations with XHTML Chapter 9 Key Concepts.

Web Development & Design Foundations with XHTML Chapter 9 Key Concepts.
Session 41-2 Session 41 Services on the Web for Schools.

Session 41-2 Session 41 Services on the Web for Schools.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.

Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,

M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,

Similar presentations

Ads by Google