26/9/12 Single Sign On

Attending:

 Edinburgh - Morna Findlay, Rhian Davies, Mark Lang, Peter Jackson, Garry Robertson

 ABS - Peter Elliott, Mark Eastman, Phil Barnett

 

Discussion

 

A discussion was held between ABS staff and IS Applications staff in which it was discussed how Edinburgh's use of shibboleth might be linked to the ABS Single-sign on functions.

 

It was also discussed how IS Apps might investigate the use of single sign on without adding risk to the Efinancials upgrade milestones and whether single sign-on should be included in the Efinancials upgrade projects or dealt with separately.

 

Proof of concept

 

It was decided that a "proof of concept" that Single-sign on could be made to work with shibboleth would come within the scope of this project.

The approach would be to install OpenAm with OpenDS (as an LDAP provider) an then test with one user to explore how roles can be attached to a user.  Then experiment to see if shibboleth can replace Open DS - all this can be done without involving any ABS apps. Then test with CP for example. Easy to disconnect as an agent is used  in between OpenAm and the application (although not the case for eFin applet).

 

ACTION: 

Rhian to consider incorporating into plan, TOR  and budget.

 

Open AM

 

To use single-signon, we would have to install OpenAM Expressbuild 9 ( Feb 2010). ABS have a JBOSS-wrapper version which we can download.

(OpenAm is now up to versiopn10, but ABS have no plans to develop SSO to work with this)

 

Installation

 

We can install ourselves - ABS may be required later when the JBOSS apps were to be configured.

Mike Chappell is usually the person who installs SSO for customers.

 

University Security Policy

 

IS Apps thik that the "pass the parcel" authentication proposed by ABS would be fine, but this would have to be confirmed with ITI UNIX.

 

Existing customers

 

ACTION:

Garry to find out more about existing customers useing SSO.

 

Project Info

Project
Efinancials Upgrade
Code
FIN083
Programme
Finance (FIN)
Project Manager
Rhian Davies
Project Sponsor
Elizabeth Welch
Current Stage
Close
Status
Closed
Start Date
06-Aug-2012
Planning Date
n/a
Delivery Date
n/a
Close Date
n/a
Programme Priority
1
Category
Compliance

Documentation

Other