Corporate Authentication Systems (hell!)

I’ve been struggling recently with the ‘enterprise security system’ in place at the OU. This is some obscure system invented in-house (by sadists) to authenticate people against our systems.

It works OK most of the time but it’s not standards-based. It doesn’t talk LDAP. It doesn’t talk to other authentication systems in any meaningful way. You need to set it up on every service you run. You need to set up ‘tokens’ in every directory of web servers where it’s installed to tell them who to allow in. etc etc.

We have a myriad of great systems in the university but they are being hamstrung by the fact that we can do any kind of meaningful pass through authentication. Luckily a colleague of mine has invented a mechanism for getting the  system to work in harmony with OpenID and we’re close to achieving some way to allow us to work with other systems more meaningfully in the future. I’m very frustrated about it now though because although the current system works reasonably well for people in the OU there is no reasonable way of allowing ‘authenticated visitor’ or ‘logged in public’ access in any meaningful way, we can of course merge authentication systems for a particular services (as I do) but this gives problems later when the same visitors want to access other OU services.
I’m not sure how much of a problem this is elsewhere but I would guess that the lack of a decent authentication and user verification service has put the OU back several years in development time because every new project with a mixed user community(OpenLearn being the most recent example) will have to find some sort of individual workaround. Central services don’t see a problem because most of the services they provide are staff only (or student only) and therefore it’s simple for them and anyone else doing development across user spheres just has to find their own solution.

Rant over I’m off for a bath now!

Advertisements

About willwoods
I'm Head of Learning and Teaching Technologies in the Institute of Educational Technology at the Open University.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: