WordCamp NYC Authentication 2009-11-13

  • View
    91

  • Download
    1

Embed Size (px)

Transcript

1. User Authentication with MU in Existing Ecosystems Casey Bisson 2. WordPress MU 3. WordPress MU 4. University 5. University 6. External Authentication LDAP Shibboleth OpenID CAS (central authentication service) 7. External Authentication LDAP Shibboleth OpenID CAS (central authentication service) authN + authZ authN only 8. WordPress User Directory 9. WordPress User Directory 10. If thats all you need, youre set. 11. Irony Many university systems behave like youve never used the internet before. Despite directory services, many university users must maintain accounts in multiple systems. Our expensive commercial portal doesnt offer user-initiated password resets or user proles. 12. Law (almost) "[An] institution may not make education records available electronically by using a common form user name (e.g., last name and rst name initial) with date of birth or SSN, or a portion of the SSN, as an initial password to be changed upon rst use of the system." 13. My Simple, Evil Plan Replace user-facing components with WordPress 14. Submit No No Yes Yes Yes No Matches AD credentials? Provision account or sync password to WP Username and password entry Yo! Credentials Matches WP credentials? Has full university account? SunGard Luminis Portal WordPress/ BuddyPress 15. Submit No Ma Username and password entry Yo! Credentials Ma 16. Submit No Ma Username and password entry Yo! Credentials Ma 17. Submit No No YesMatches WP credentials? 18. Submit No No YesMatches WP credentials? 19. Submit No No Yes YesMatches AD credentials? Matches WP credentials? 20. Submit No No Yes YesMatches AD credentials? Matches WP credentials? 21. Yes Yes Yes No Provision account or sync password to WP Has full university account? 22. Yes Yes Yes No Provision account or sync password to WP Has full university account? 23. Yes Yes Yes No Provision account or sync password to WP Has full university account? 24. Yes Yes Yes No Provision account or sync password to WP Has full university account? 25. Yes Not? SunGard Luminis Portal WordPress/ BuddyPress 26. Yes Not? SunGard Luminis Portal WordPress/ BuddyPress 27. Plugins, Hooks, Functions Plugins weve released: Alternate Contact Info, WordPress Ticket Framework, wpSMS Unreleased code replaces wp_authenticate() and hooks do_action(login_form . $action) Much more detail in my blog post 28. Thank you http://Plymouth.edu http://MaisonBisson.com