Jagiellonian University Norm DTI/01-2
|
|
- Gordon Perry
- 6 years ago
- Views:
Transcription
1 Jagiellonian University Norm DTI/01-2 Central Login of the Jagiellonian University ( Punkt Logowania ) rules for connecting applications As at: 11 th June 2015 Abstract This norm sets rules for all applications connected to the Central Login ( Punkt Logowania ) that implements a Single Sign On mechanism for web services at Jagiellonian University. How does the authentication work? The Central Login of the Jagiellonian University service is based on Central Authentication Service (CAS) software with SAML validation and basic integration rules that follow these standards (off-theshelf available client modules may be used). By login to the Central Login Point the user receives a session identified by a TGT cookie (Ticket Granting Ticket). CAS maintains a repository of active sessions with TGT as the key. Once the application redirected the user to the Central Login in order to authenticate it, a Service Ticket (ST) is generated. It is a one-time ticket and enables the application to obtain user data. CAS stores all ST assigned to corresponding TGT. A sample authentication process: 1. The user enters the site and clicks on the Login button 2. Next, the user is redirected to the site: Once a correct login and password is provided, the user is redirected to the site: where the ticket is a one-way ticket of the ST type 4. While loading the webpage the application code sends a POST request to the address: that contains a SAML message with the ST ticket (details of this process are described in the CAS and SAML documentation) If ST is an existing ticket issued for this application, the CAS will return the logged in username and their attributes. Based on these data the application the application authenticates the user.
2 Description of the login and data received upon authentication Users may login with identifiers: (where login is the USOSweb 1 ) Following cases are possible: 1. user logged in using firstname.familyname@uj.edu.pl 2. user logged in using login@usosweb.uj.edu.pl, his/her USOSweb account is authorized by LDAP and he/she has activated account firstname.familyname@uj.edu.pl 3. user logged in using login@usosweb.uj.edu.pl, his/her USOSweb account is authorized by LDAP and he/she has NOT activated account 4. user logged in using login@usosweb.uj.edu.pl, his/her USOSweb account is NOT authorized by LDAP Provided the user has given the right password, the following data will be returned: Ad 1. login: firstname.familyname@uj.edu.pl attributes: first name, family name, uid, mailuserstatus, usos_id *** Ad 2. login: firstname.familyname@uj.edu.pl attributes: first name, family name, uid, mailuserstatus, usos_id Ad 3. login: uid@ldap.uj.edu.pl attributes: first name, family name, uid, mailuserstatus, usos_id*** Ad 4. login: login@usosweb.uj.edu.pl attributes: first name, family name, usos_id As may it may be seen from points 2 and 3, when only possible, the login is cast on the address or uid@ldap.uj.edu.pl for better flexibility. The data will be return with SAML protocol only. This mechanism is available in: production context ( test context ( In addition, there is a simplified test context available which enables authorization of any given login with the password sso. Remark: Local application should handle in a correct way all the situations in which a person is authenticated with CAS, but not authorized in the local application (does not have or cannot have there an account). *** usos_id will be return for for case 1 and 3 under the condition that user has an USOS account 1 USOSWeb Deanery System at Jagiellonian University
3 Sign out from Central Login and associated applications Central Login supports a Single-Sign-Out mechanism following rules described in the CAS documentation. Signing out from Central Login is the result of calling the URL Its execution may be initiated by the user (e.g. by clicking on the logout link on the Central Login page) or by an external application (by redirecting the user to the sign out page). Signing out from CAS results in: 1. closing the uses session in CAS, 2. broadcasting to all services to which the user logged in during the session a LogoutRequest message with Service Tickets of logged-out sessions. The message is sent to the application using POST method to the URL given initially in the service parameter while logging in. The request contains following data: <samlp:logoutrequest xmlns:samlp="urn:oasis:names:tc:saml:2.0:protocol" ID="[RANDOM ID]" Version="2.0" IssueInstant="[CURRENT DATETIME]"> <saml:nameid xmlns:saml="urn:oasis:names:tc:saml:2.0:assertion">@not_used@</ saml:nameid> <samlp:sessionindex>[session ID: ST-xxyyyyyyyyyy]</samlp:SessionIndex> </samlp:logoutrequest> Remark: one request may contain many SessionIndex items. Each of those comprise of a session identifier same as the ticket used for authenticating the user in the application. We recommend that the sing out mechanism works the following way: 1. on clicking logout signs out from the application 2. after signing out from the application, sign out from CAS This order guarantees that even in case of CAS failure the user will be signed out from the application for which the user pressed the logout button.
4 Rules for session sustaining in Central Login and associated applications The session time duration in login.uj.edu.pl and associated application is defined by CAS. This is governed by following principles: Session time duration in CAS is set to 50 minutes; The session is prolonged on every activity of the user on the CAS page; When the session time in CAS is over, the user is logged out from CAS and all associated applications (a sign out message is broadcasted to all applications); Session time duration in associated durations is set not less than in CAS e.g minutes (so that the user will not lose his/her session before the end of CAS session); Before the CAS signs out it sends a request to all associated applications asking about the time of last user activity. If there was such an activity the session time is prolonged so it will end 50 minutes later. Technical details: CAS queries associated application using the URL from which the user logged it (submitted to CAS in the service parameter). The request is sent using POST with the parameter: lastaccessedtimerequest=<lastaccessedtimerequest><sessionindex> ST-xx-yyyyyyyyyy</SessionIndex></LastAccessedTimeRequest> where ST-xx-yyyyyyyyyy is the ticket that authenticated the user for the application. In response you are supposed to send a Unix timestamp (in miliseconds) in the form: <LastAccessedTimeResponse><LastAccessedTime>TIMESTAMP</LastAcce ssedtime></lastaccessedtimeresponse> where TIEMSTAMP is the numerical value of the timestamp. Applications should have already a built in logout mechanism, so the session control may be implemented in a similar way. You should consider that the service parameter sent to CAS while login may change so it is not enough to detect POST requests under a given address (same as in the case of logging out).
5 Tabs on the Central Login page The Central Login page contains information grouped in tabs (on clicking on a tab name the content of the panel is displayed without reloading the page). By default the tab About Central Login is displayed. However, it is possible to display a different tab when given a specific value in the tab parameter of the GET request. The permitted parameter values are: opunkcie {About Central Login} pomoc {Help} listaserwisow {List of services} aktywacja { activation} zmianahasla {Password change} Example how to use it: A link for changing the password to be placed in the application for logged in users: A link to the list of services:
6 Different language versions of Central Login The Central Login page is available in the Polish and English language version. Selection of a language version may be enforced by the locale parameter. Polish version: English version: In case the locale parameter is not given, the application will select the language base on web browser setting or based on cookies (in case the user has changed the language version of Central Login before by clicking on one of the national flags presented on the web page). We recommend to redirect to the English version of the application always including the parameter locale=en.
7 Requirements for connecting applications to Central Login The following requirements should be met in order to connect your application to the production version of Central Login ( From the technical point of view the application should: implement authentication via Central Login implement a single sign out mechanism implement previously describe mechanisms for sustaining user session In interaction with the user: the application should facilitate a log out possibility (log out link visible on all pages of the application) the application should never ask the user for a password in case is required to log out just from the application but not CAS, the user should be presented with an adequate message and an opportunity to select the log out type if the application would like to provide the user with an opportunity to change password, it has to be implemented by redirecting the user to the Change password tab of Central Login Before release of the application it is required that at least one person is declared to ZAiIS 2 as responsible for the technical and formal issues of the application (e.g. the head of the unit). It is required to provide first and family names and addresses. Before the production release the application has to be tested by the ZAiIS staff. In order to do that the staff has to be given access to the application. After a positive verification the application will be granted access to the Central Login. The ZAiIS staff may preform regular test of the application and in case of detecting inconsistency with the above described procedure withdraw access of the application to Central Login (after the application owner has been informed about the detected issues). 2 ZAiIS - Section for Architecture and Integration of the IT Department of Jagiellonian University
MAINTENANCE HELPDESK SYSTEM USER MANUAL: CUSTOMER (STAFF) VERSION 2.0
MAINTENANCE HELPDESK SYSTEM USER MANUAL: CUSTOMER (STAFF) VERSION 2.0 TABLE OF CONTENTS NO TOPICS PAGES 1 LOGIN 1-3 2 CHANGE PASSWORD 4 3 CREATE NEW REQUEST 5-7 4 VIEW REQUEST 8-9 5 LOGOUT 10 6 FORGOT
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More informationTrusted Login Connector (Hosted SSO)
Trusted Login Connector (Hosted SSO) Table of Contents Summary... 3 Frequently Asked Questions... 3 Architecture... 5 Installation/configuration... 5 2 Summary New functionality allows SelectHR users to
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationUsing VMware Horizon Workspace to Enable SSO in VMware vcloud Director 5.1
Using VMware Horizon Workspace to Enable SSO in VMware vcloud Director 5.1 March 2013 Using VMware Horizon Workspace to Enable SSO This product is protected by U.S. and international copyright and intellectual
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationSuomi.fi e-identification Technical interface description
Suomi.fi e-identification Technical interface description 1 Suomi.fi e-identification operating environment Suomi.fi e-identification offers a user authentication service for e-services across a SAML 2.0
More informationOperating Level Agreement for NYU Login Service
Operating Level Agreement for NYU Login Service This Operating Level Agreement (OLA) documents the agreement regarding support of Single Sign-On (SSO) services for the (Partner Service), which has been
More informationAffinity Provider Portal Training Manual
Training Manual Login This page enables a user to either login and/or register if he/she is not already a regstered user (ie. Providers and Staff users). The following are the functionalities which can
More informationVAM. CAS Installer (for 2FA) Value- Added Module (VAM) Deployment Guide
VAM CAS Installer (for 2FA) Value- Added Module (VAM) Deployment Guide Copyright Information 2018. SecureAuth is a registered trademark of SecureAuth Corporation. SecureAuth s IdP software, appliances,
More informationCA SiteMinder Federation
CA SiteMinder Federation Legacy Federation Guide 12.52 SP1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationBusiness Online Banking. Remote Business Deposit Quick Start Guide
Business Online Banking Remote Business Deposit Quick Start Guide Table of Contents Creating a New Deposit.. 2 Capturing Deposits.. 4 Correcting Deposits... 7 Balancing Deposits 9 Multiple Deposit Accounts..
More informationSAML Single Sign On Integration
SAML Single Sign On Integration (Document for FluidReview Clients) November 29, 2016, Revision #2, Heather McBride (heatherm@surveymonkey.com), Jessica Doyle, Sean Clancy, Nate Beacham, Adam Di Tota, Jonathan
More informationCentral Authentication Service Integration 2.0 Administration Guide May 2014
Central Authentication Service Integration 2.0 Administration Guide May 2014 Contents Purpose of this document About CAS Compatibility New features in this release Copyright 2014 Desire2Learn Incorporated.
More informationNimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]
Nimsoft Service Desk Single Sign-On Configuration Guide [assign the version number for your book] Legal Notices Copyright 2012, CA. All rights reserved. Warranty The material contained in this document
More informationSystem Administrator s Guide Login. Updated: May 2018 Version: 2.4
System Administrator s Guide Login Updated: May 2018 Version: 2.4 Contents CONTENTS... 2 WHAT S NEW IN THIS VERSION 2018R1 RELEASE... 4 Password Retrieval via Email (GDPR Alignment)... 4 Self-Registration
More informationIDENTITY MANAGEMENT & SINGLE SIGN-ON (SSO) HELP GUIDE UPDATED JUNE 2018
IDENTITY MANAGEMENT & SINGLE SIGN-ON (SSO) HELP GUIDE UPDATED JUNE 2018 Identity Management Benefits Single Sign-On (SSO) Login and gain access to desired DAU applications Eliminates the need for multiple
More informationPerson Proxy Information
Person Proxy Information General Proxy Information Proxy: A person authorized to act on the behalf of another A student can designate an individual as his/her proxy to have access to designated pages in
More informationOracle Utilities Opower Solution Extension Partner SSO
Oracle Utilities Opower Solution Extension Partner SSO Integration Guide E84763-01 Last Updated: Friday, January 05, 2018 Oracle Utilities Opower Solution Extension Partner SSO Integration Guide Copyright
More informationWebthority can provide single sign-on to web applications using one of the following authentication methods:
Webthority HOW TO Configure Web Single Sign-On Webthority can provide single sign-on to web applications using one of the following authentication methods: HTTP authentication (for example Kerberos, NTLM,
More informationUser Management: Configuring User Roles and Local Users
6 CHAPTER User Management: Configuring User Roles and Local Users This chapter describes the following topics: Overview, page 6-1 Create User Roles, page 6-2 Create Local User Accounts, page 6-15 For details
More informationIsi Net User Manual for Bank customers
1 Table of Contents 1 Introduction and overview... 4 1.1 Isi Net User Types... 4 1.2 Accessing the Isi Net service... 5 1.2.1 User Login... 5 1.2.2 User Logout... 7 1.3 User Interface... 7 1.3.1 Menus...
More informationHow to Edit General Institutional Preferences
How to Edit General Institutional Preferences Click Institution under Administration - to View or Edit General Institutional Preferences. Choices in settings here apply to the entire Institution and all
More informationUser Guide. Version R92. English
AuthAnvil User Guide Version R92 English October 9, 2015 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated from
More informationRadius, LDAP, Radius used in Authenticating Users
CSCD 303 Lecture 5 Fall 2017 Kerberos Radius, LDAP, Radius used in Authenticating Users Introduction to Centralized Authentication Kerberos is for authentication only and provides Single Sign-on (SSO)
More informationQualys SAML 2.0 Single Sign-On (SSO) Technical Brief
Qualys SAML 2.0 Single Sign-On (SSO) Technical Brief Qualys provides its customers the option to use SAML 2.0 Single SignOn (SSO) authentication with their Qualys subscription. When implemented, Qualys
More informationApplying for a Position
VIRTUALEDGE HIGH VOLUME Applying for a Position 1. Applicants will go to www.savemart.com. On the home page, click CAREERS. 2. On the Join OUR TEAM page, click either Store Level or Distribution Centers.
More informationCA Single Sign-On and LDAP/AD integration
CA Single Sign-On and LDAP/AD integration CA Single Sign-On and LDAP/AD integration Legal notice Copyright 2017 LAVASTORM ANALYTICS, INC. ALL RIGHTS RESERVED. THIS DOCUMENT OR PARTS HEREOF MAY NOT BE REPRODUCED
More informationFirst Data ServiceCenter Web
First Data ServiceCenter Web ServiceCenter Web User Guide Version 1.5 June 14, 2010 Page 1 of 11 Table of Contents I. ServiceCenter Web Overview ServiceCenter Overview... 3 II. ServiceCenter Web Login
More informationThe Ethic Management System (EMS) User guide
The Ethic Management System (EMS) User guide On the web browser, type the URL link: https://www.witsethics.co.za Click on Login (on right corner of top menu bar) to access the Ethics Management System
More informationDESIGN OF WEB SERVICE SINGLE SIGN-ON BASED ON TICKET AND ASSERTION
DESIGN OF WEB SERVICE SINGLE SIGN-ON BASED ON TICKET AND ASSERTION Abstract: 1 K.Maithili, 2 R.Ruhin Kouser, 3 K.Suganya, 1,2,3 Assistant Professor, Department of Computer Science Engineering Kingston
More informationUser Guide. Version R94. English
AuthAnvil User Guide Version R94 English March 8, 2017 Copyright Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated
More informationIntegration of the platform. Technical specifications
Introduction This document is meant as a reference and specification guide to carry out the integration between Gamelearn s platform and the different Learning Management System platforms of the client,
More informationEnhancing cloud applications by using external authentication services. 2015, 2016 IBM Corporation
Enhancing cloud applications by using external authentication services After you complete this section, you should understand: Terminology such as authentication, identity, and ID token The benefits of
More informationContents. Table of Contents
1 Table of Contents Contents 1. INTRODUCTION... 3 2. HOW TO USE THIS MANUAL... 3 3. MAILBOX ACTIVATOR... 4 4. ERROR MESSAGES FOR MAILBOX ACTIVATOR... 7 5. DYNAMIC DNS ACTIVATOR... 9 6. ERROR MESSAGES FOR
More informationConnect-2-Everything SAML SSO (client documentation)
Connect-2-Everything SAML SSO (client documentation) Table of Contents Summary Overview Refined tags Summary The Connect-2-Everything landing page by Refined Data allows Adobe Connect account holders to
More informationMotionPro Android Release Note
MotionPro Android 2.3.0 Release Note Release Date: June 26, 2015 Introduction This release document summarizes the device requirements, improvements and limitations for the release of the MotionPro Android
More informationTechnical Query (TQ) Application - Vendor Documentation
Technical Query (TQ) Application - Vendor Documentation Page 1 of 14 Table of Contents Introduction:... 3 Important Links:... 3 Registration Process:... 3 TQ Application Dashboard Fields Explanation...
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationCA SiteMinder. Federation Manager Guide: Legacy Federation. r12.5
CA SiteMinder Federation Manager Guide: Legacy Federation r12.5 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationOSF UnifyCOMMERCE for Commerce Cloud. OSF UnifyCOMMERCE COMMUNITY Integration. User Guide
OSF UnifyCOMMERCE for Commerce Cloud OSF UnifyCOMMERCE COMMUNITY Integration User Guide Table of Contents 1 Introduction... 3 2 Salesforce Commerce Cloud Salesforce Community Single Sign-On3 3 Salesforce
More informationCustomer Care Portal User Guide
Customer Care Portal User Guide Table of Contents Logging In...3 Live Chat... 3 Viewing your Cases...4 Logging a Case for Customer Support...4 Projects...6 Knowledge Base....6 Content.....7 Forms...7 Event
More informationGriffith Service Manager (GSM) Using Bomgar Remote Access
GSM Using Bomgar Remote Access guide Griffith Service Manager (GSM) Using Bomgar Remote Access The Bomgar Representative Console is the desktop application used to make connections to remote devices. The
More informationSetting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager
Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager Setting Up Resources in VMware Identity Manager (SaaS) You can find the most up-to-date technical documentation
More informationTAS Self Service Reporting Overview
TAS provides several self service reporting tools. This document briefly describes how to access them and gives a basic explanation of their functionality. It does not attempt to explain how to use the
More informationAcceptance Test Plan and Cases (ATPC)
Acceptance Test Plan and Cases (ATPC) LEMA Pilot School Integrated Scheduling Team Number 12 Name Primary Role Secondary Role David Wiggins Project Manager Developer Aakash Shah Prototyper Developer Kushalpreet
More informationHow to Login, Logout and Manage Password (QRG)
How to Login, Logout and Manage Password (QRG) This Quick Reference Guide covers the following topics: 1. How to login in to the DCC. How to change (reset) your password 3. What to do if you have forgotten
More informationImplement SAML 2.0 SSO in WLS using IDM Federation Services
Implement SAML 2.0 SSO in WLS using IDM Federation Services Who we are Experts At Your Service > Over 60 specialists in IT infrastructure > Certified, experienced, passionate Based In Switzerland > 100%
More informationSecure Access Manager User Guide December 2017
Secure Access Manager User Guide December 2017 Copyright 2017 Exostar, LLC All rights reserved. 1 INTRODUCTION... 3 SUMMARY... 3 BASIC FUNCTIONS... 3 LOGIN TO YOUR SAM ACCOUNT... 3 How to Activate your
More informationEntrust GetAccess 7.0 Technical Integration Brief for IBM WebSphere Portal 5.0
Entrust GetAccess 7.0 Technical Integration Brief for IBM WebSphere Portal 5.0 November 2004 www.entrust.com 1-888-690-2424 Entrust is a registered trademark of Entrust, Inc. in the United States and certain
More informationLiferay Security Features Overview. How Liferay Approaches Security
Liferay Security Features Overview How Liferay Approaches Security Table of Contents Executive Summary.......................................... 1 Transport Security............................................
More informationSAML Authentication with Pulse Connect Secure and Pulse Secure Virtual Traffic Manager
SAML Authentication with Pulse Connect Secure and Pulse Secure Virtual Traffic Manager Deployment Guide Published 14 December, 2017 Document Version 1.0 Pulse Secure, LLC 2700 Zanker Road, Suite 200 San
More informationUser Guide Version 1.3
CCNA Publishing Distributors User Guide Version 1.3 Prepared by TRIMAP Communications Inc. 1210 Sheppard Ave E., Toronto, ON, M2K 1E3 Tel: 416.492.2114 April 15, 2008 Table of Contents User Profile and
More informationSecure single sign-on for cloud applications
Secure single sign-on for cloud applications Secure single sign-on for cloud applications Traditional on-premises tools used to rule the IT environments of most organizations, but now cloud applications
More informationHow to social login with Aruba controller. Bo Nielsen, CCIE #53075 (Sec) December 2016, V1.00
Bo Nielsen, CCIE #53075 (Sec) December 2016, V1.00 Overview This short document describes the basic setup for social login using Aruba ClearPass and Aruba wireless LAN controller. Aruba ClearPass, version
More informationClick E Money Laravel Application
Click E Money Laravel Application Member User Manual Version 1.0 2016 Click E Money All Rights Reserved. Member Panel User guide: Authentication & Registration: Member sign-in Forgot your password Member
More informationE-Learning Portal Online User Manual
E-Learning Portal Online User Manual [For Dealer Admin] Contents 1. Introduction... 3 2. Computer/Browser Specification... 4 3. Using the Application:... 5 4. Logging On:... 6 5. Forgot Password... 7 6.
More informationmaxecurity Product Suite
maxecurity Product Suite Domain Administrator s Manual Firmware v2.2 ii Table of Contents BASICS... 1 Understanding how maxecurity products work in your company... 1 Getting started as a Domain Administrator...
More informationSecure Access Manager User Guide September 2017
Secure Access Manager User Guide September 2017 1 1 INTRODUCTION... 3 1.1 SUMMARY... 3 2 BASIC FUNCTIONS... 3 2.1 LOGIN TO YOUR SAM ACCOUNT... 3 2.1.1 How to Activate your Account... 3 2.1.2 How to Login
More informationApril Understanding Federated Single Sign-On (SSO) Process
April 2013 Understanding Federated Single Sign-On (SSO) Process Understanding Federated Single Sign-On Process (SSO) Disclaimer The following is intended to outline our general product direction. It is
More informationIntegrating IBM Security Privileged Identity Manager with ObserveIT Enterprise Session Recording
Integrating IBM Security Privileged Identity Manager with ObserveIT Enterprise Session Recording Contents 1 About This Document... 2 2 Overview... 2 3 Before You Begin... 2 4 Deploying ObserveIT with IBM
More informationUser Manual for Testing Accounts
User Manual for Testing Accounts User Manual for Release No.: FNA1.4.00 (Last Updated: - 21 st August, 2015) Table of Contents 1.Online Testing System... 3 1.1 Edit Profile/Settings... 4 1.1.1 Edit your
More informationConfiguring Alfresco Cloud with ADFS 3.0
Configuring Alfresco Cloud with ADFS 3.0 Prerequisites: You have a working domain on your Windows Server 2012 and successfully installed ADFS. For these instructions, I created: alfresco.me as a domain
More informationSingle Sign-On (SSO)Technical Specification
Single Sign-On (SSO)Technical Specification Audience: Business Stakeholders IT/HRIS Table of Contents Document Version Control:... 3 1. Overview... 4 Summary:... 4 Acronyms and Definitions:... 4 Who Should
More informationRadius, LDAP, Radius, Kerberos used in Authenticating Users
CSCD 303 Lecture 5 Fall 2018 Radius, LDAP, Radius, Kerberos used in Authenticating Users Kerberos Authentication and Authorization Previously Said that identification, authentication and authorization
More informationTest Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0
1 2 3 4 5 6 7 8 9 10 11 Test Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0 Version 3.1 Editor: Kyle Meadors, Drummond Group Inc. Abstract: This document describes the test steps to achieve
More informationPerson Proxy Information
Person Proxy Information General Proxy Information Proxy: A person authorized to act on the behalf of another A student can designate an individual as his/her proxy to have access to designated pages in
More informationMicrosoft Office 365 Integration. Administrator Guide
Administrator Guide Contents Contents DOCUMENT CHANGE HISTORY...3 ABOUT MICROSOFT OFFICE 365 INTEGRATION WITH BRIGHTSPACE LEARNING ENVIRONMENT...4 MICROSOFT OFFICE 365 PERMISSIONS...4 BROWSER CONSIDERATION
More informationSTEP 1. Go to the CNR Virtual HelpDesk at Then select Student Network Accounts
STEP 1 Go to the CNR Virtual HelpDesk at www.cnr.edu/helpdesk Then select Student Network Accounts Read the Acceptable Use Policy and then click Agree STEP 2 Please make note of your username as you will
More informationDesign document for CSC/ECE 517 Fall 2002 Semester Project Security & Visibility for PG
Design document for CSC/ECE 57 Fall 2002 Semester Project Security & Visibility for PG Authors: Jianjun Huo Lilian Seow Mack Steadman jhuo@unity.ncsu.edu lseow@us.ibm.com msteadman@triad.rr.com Tiejun
More informationSystem and Software Architecture Description (SSAD)
System and Software Architecture Description (SSAD) FlowerSeeker Team 05 Name Eder Figueroa Sophia Wu Doris Lam Hiram Garcia Roles Primary Role: Project Manager/ Implementer. Secondary Role: Tester. Primary
More informationForgeRock Access Management Customization and APIs
training@forgerock.com ForgeRock Access Management Customization and APIs Description AM-421 Course Description Revision B This course provides a hands-on technical introduction to ForgeRock Access Management
More informationPassKey Manager Guide
PassKey Manager Guide Blackboard Web Community Manager Trademark Notice Blackboard, the Blackboard logos, and the unique trade dress of Blackboard are the trademarks, service marks, trade dress and logos
More informationGOBENCH IQ Release v
GOBENCH IQ Release v1.2.3.3 2018-06-11 New Add-Ons / Features / Enhancements in GOBENCH IQ v1.2.3.3 GOBENCH IQ v1.2.3.3 contains several new features and enhancements ** New version of the comparison Excel
More informationDepartment of Health & Family Welfare, Govt. of Odisha
Pharmacist s Manual for PMIS Odisha Pharmacy Council Department of Health & Family Welfare, Govt. of Odisha Pharmacist s Manual-PIMS Page 1 Table of Contents 1. Introduction---------------------------------------------------------------------------------------
More information13241 Woodland Park Road, Suite 400 Herndon, VA USA A U T H O R : E X O S T A R D ATE: M A R C H V E R S I O N : 3.
SECURE ACCESS MAN AG E R FIRST TIME LOGIN GUIDE A U T H O R : E X O S T A R D ATE: M A R C H 2 0 1 5 V E R S I O N : 3.0 1 S E C U R E A CCESS M A N A G E R SECURE ACCESS MANAGER OVERVIEW... 3 SUMMARY...
More informationHow to Configure SSL VPN Portal for Forcepoint NGFW TECHNICAL DOCUMENT
How to Configure SSL VPN Portal for Forcepoint NGFW TECHNICAL DOCUMENT Ta Table of Contents Table of Contents TA TABLE OF CONTENTS 1 TABLE OF CONTENTS 1 BACKGROUND 2 CONFIGURATION STEPS 2 Create a SSL
More informationAaple Sarkar DBT Portal
Aaple Sarkar DBT Portal Aaple Sarkar DBT Portal (Direct Benefit Transfer) is an initiative taken by the Government of Maharashtra, which is a unique Platform for Citizens to help them to avail benefits
More informationCA SiteMinder Federation Security Services
CA SiteMinder Federation Security Services Federation Endpoint Deployment Guide r6.0 SP 5 Fourth Edition This documentation and any related computer software help programs (hereinafter referred to as the
More informationNetwork Configuration Example
Network Configuration Example Configuring Authentication and Enforcement Using SRX Series Services Gateways and Aruba ClearPass Policy Manager Modified: 2016-08-01 Juniper Networks, Inc. 1133 Innovation
More informationLoad testing with WAPT: Quick Start Guide
Load testing with WAPT: Quick Start Guide This document describes step by step how to create a simple typical test for a web application, execute it and interpret the results. A brief insight is provided
More informationLDAP Synchronization Secure Coding Guide
1] User Documentation (English) Celonis Discovery LDAP Synchronization Secure Coding Guide Version 1.3 Version 1.0 Corresponding Software Version: 4.2 This This document document is copyright is copyright
More informationRegions OnePass USER GUIDE. It s time to expect more. Regions Bank Member FDIC Revised
Regions OnePass USER GUIDE It s time to expect more. Regions Bank Member FDIC Revised 051616 User Guide Table of Contents Section I. Regions OnePass Basics 3 What Is Regions OnePass? 3 Minimum Browser
More informationSupplier Response Guide. Access Supplier Portal to Review and Respond to Bid Opportunities
Access Supplier Portal to Review and Respond to Bid Opportunities Contact entered for commodity code (and established proxies) will receive email notification of bid opportunity. 1. Login to the Supplier
More informationUsers. LDAP Synchronization Overview
LDAP Synchronization Overview, page 1 Configure Workflow, page 3 Activate Services, page 3 Enable LDAP Directory Synchronization, page 4 Configure LDAP Directory Sync, page 4 Authentication Options, page
More informationSingle Sign On through PingOne. Go to https://desktop.pingone.com/changehealthcare and click on the Change Healthcare IdentityIQ icon.
What is IdentityIQ? IdentityIQ is Change Healthcare s governance-based Identity & Access Management (IAM) software solution that will become a one-stop shop for compliance, password management, and provisioning
More informationBusiness Manager Net. Supplemental Manual
Business Manager Net Supplemental Manual Copyright: Atlantis Consulting Group Inc., 2010 Page: 1 Introduction...3 How to log in and access Business Manager Net...3 Website information...3 Login operation...4
More informationAppScaler SSO Active Directory Guide
Version: 1.0.3 Update: April 2018 XPoint Network Notice To Users Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless
More informationUser Guide. For. The EDB Portal
User Guide For The EDB Portal Distribution List: EDB Intranet Complied On: July 2007 Version Number: 1.4 Prepared By: Information Technology Management Division (ITMD) TABLE OF CONTENT TABLE OF CONTENT
More informationHow to Use Your EV Connect Account
How to Use Your EV Connect Account Accessing the EV Connect Network To access the EV Connect network, point your web browser to http://network.evconnect.com. This brings you to the account login page.
More informationCloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0
Cloud Access Manager 8.1.3 How to Configure for SSO to SAP Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationSecure Web Appliance. Basic Usage Guide
Secure Web Appliance Basic Usage Guide Table of Contents 1. Introduction... 1 1.1. About CYAN Secure Web Appliance... 1 1.2. About this Manual... 1 1.2.1. Document Conventions... 1 2. Description of the
More informationIntroduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing Oracle HTTP Server...
Oracle Access Manager Configuration Guide for On-Premises Version 17 October 2017 Contents Introduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing
More informationSchool Referral User Guide
School Referral User Guide Introduction The Pupil Referral Portal is designed to facilitate the current physical referral processes in an online environment and will provide greater consistency, visibility
More informationAAI Login Demo. SWITCHaai Introduction Course Bern, 1. March Daniel Lutz
SWITCHaai Introduction Course Bern, 1. March 2013 Daniel Lutz aai@switch.ch Agenda Illustration of protocol flow SAML2, Web Browser SSO Live demonstration 2 Protocol Flow IdP SP http://www.switch.ch/aai/demo/
More informationEnterprise Access Gateway Management for Exostar s IAM Platform June 2018
Enterprise Access Gateway Management for Exostar s IAM Platform June 2018 Copyright 2018 Exostar LLC All rights reserved. 1 Version Impacts Date Owner Enterprise Access Gateway (EAG) Guide Revised June
More informationUser Guide of PIP System for Employers
User Guide of PIP System for Employers https://pip.cintec.cuhk.edu.hk/jobs/index.php Enquiry: Placement and Internship Programme Coordinator Centre for Innovation and Technology The Chinese University
More informationMyRA Quick Guide Version 4.0
MyRA Quick Guide Version 4.0 OFFICE OF RESEARCH ADMINISTRATION LAST MODIFIED: November 3, 2014 Contents Contents... 2 Logging In... 4 Dashboard... 5 Navigation... 6 MyProposals... 7 MyProposals: Proposal
More informationNETOP PORTAL ADFS & AZURE AD INTEGRATION
22.08.2018 NETOP PORTAL ADFS & AZURE AD INTEGRATION Contents 1 Description... 2 Benefits... 2 Implementation... 2 2 Configure the authentication provider... 3 Azure AD... 3 2.1.1 Create the enterprise
More informationEnhanced OpenID Protocol in Identity Management
Enhanced OpenID Protocol in Identity Management Ronak R. Patel 1, Bhavesh Oza 2 1 PG Student, Department of Computer Engg, L.D.College of Engineering, Gujarat Technological University, Ahmedabad 2 Associate
More information