At 1:56 PM -0500 4/30/09, Mike Rackley wrote:
>Content-Type: text/html; charset=US-ASCII
>With relatively limited expertise and a relatively modest
>investment, just about anyone can offer up a web application these
>days. We've got faculty, staff, and students who've done it, and
>it's becoming more commonplace. We're on the proverbial horns of a
>dilemma, on one hand not wanting to stifle creativity, innovation,
>and agility, while on the other hand increasingly concerned about
>security issues. For example, we've become aware of a web app that
>a staff member in another department is developing, independent of
>central IT, that we believe will do user authentication based on our
>centrally-assigned NetID/NetPassword credentials.
The first one of these that we encountered some years back was an
online election app, for student government; it was running on a
machine in a dorm room. ;-)
I think you're right -- there are going to be more and more of these
distributed apps that need authentication. Some of these will be in
depts; some will be small outsourced business apps (eg athletic
ticketing, supporting career development, HR-related, etc).
Have you looked at a Web Single SignOn (SSO) mechanism? These
typically include a central logon site (run by central IT). When the
user accesses one of these distributed apps they are redirected to
the logon server; after authentication, the user is redirected back
to the app (sometimes accompanied by attributes describing the user
--eg name, email address, affiliation, etc) There are several systems
like this around, and there are some standards in this space
describing how these systems work and interoperate.
As the digital instruction experience is increasingly delivered by a
growing set of applications, some sites are using Web SSO mechanisms
to tie these environments together, creating a more seamless
experience for the student.
Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.