Educause Security Discussion mailing list archives
single sign-on strategies
From: Craig Blaha <blaha () TCNJ EDU>
Date: Fri, 30 Jan 2004 08:40:43 -0500
The College of New Jersey is in the process of developing our single sign-on strategy as we prepare to integrate our first enterprise application - HRMS - into our portal.

We are considering using a partial single sign-on strategy: a user logs into what I'm calling the "casual" portal which gives them access to the news, their e-mail, navigation and (perhaps) self-service. If the user tries to access an administrative screen of an enterprise application such as HR or Finance, they are prompted to re-enter their password. The enterprise applications would each have their own time out, and username/password would be handled by LDAP.

The goal is to strike a balance between security and ease of use that is closer to the secure side of the continuum than a true SSO solution.

Has anyone else done this or something similar? I would be interested in any thoughts/lessons learned.

Sincerely,
Craig Blaha

--
*Craig Blaha*
/Associate Director Information Policy, Security and Web Development/
The College of New Jersey
PO Box 7718
Ewing, NJ 08628
www.tcnj.edu

Reminder: E-mail sent through the Internet is not secure. Do not use e-mail to send confidential information such as credit card numbers, changes of address, PIN numbers, passwords, or other important information. Your e-mail message is not private in that it is subject to review by the College, its officers, agents and employees.

Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
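The partial single sign-on design described in the message above, sketched as an added example that is not part of the original post: one portal session, with a separate password re-entry and idle timeout per enterprise application. The timeout values, resource names and the in-memory directory standing in for the LDAP check are all assumptions.

```python
import hmac
import time
from dataclasses import dataclass, field

# Assumed policy: per-application idle timeouts in seconds (constructed values).
APP_TIMEOUTS = {"hr": 600, "finance": 300}
# "Casual" portal areas reachable with the portal login alone.
CASUAL = {"news", "email", "navigation", "self-service"}

# Stand-in for an LDAP bind; a constructed directory, not a real credential store.
_DIRECTORY = {"jdoe": "correct horse"}

def verify_password(user, password):
    stored = _DIRECTORY.get(user, "")
    return bool(stored) and hmac.compare_digest(stored.encode(), password.encode())

@dataclass
class PortalSession:
    user: str
    # app name -> time of last activity since the password was re-entered for it
    elevated: dict = field(default_factory=dict)

    def authorize(self, resource, now=None):
        """Return 'allow', 'reauth' or 'deny' for e.g. 'news' or 'hr/admin'."""
        now = time.time() if now is None else now
        app = resource.split("/", 1)[0]
        if app in CASUAL:
            return "allow"
        if app not in APP_TIMEOUTS:
            return "deny"  # unknown application: fail closed
        last = self.elevated.get(app)
        if last is None or now - last > APP_TIMEOUTS[app]:
            self.elevated.pop(app, None)  # expired: force a fresh password prompt
            return "reauth"
        self.elevated[app] = now  # sliding idle timeout, for this app only
        return "allow"

    def reauthenticate(self, app, password, now=None):
        """Record elevation for one application after a successful password check."""
        now = time.time() if now is None else now
        if app in APP_TIMEOUTS and verify_password(self.user, password):
            self.elevated[app] = now
            return True
        return False
```

Because elevation is tracked per application, re-entering the password for HR does not unlock Finance, and each application expires on its own clock.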