[unisog] LDAP access for 3rd parties

Russell Fulton r.fulton at auckland.ac.nz
Fri Feb 15 05:33:29 GMT 2008

On 14/02/2008, at 7:24 AM, Christopher A Bongaarts wrote:

> In the immortal words of Pete Hickey:
>>> Every external vendor I have worked with takes the password supplied
>>> by the "user",
>> and BANG!  They have a userid and password.  If you're a place
>> with a single userid/password for most applications, there could
>> be a fair amount of value to it.
> Indeed.
>> A better scheme would be sending control to university machine, which
>> accepts the credentials and then sends the 3rd party a yes/no...  
>> Similar
>> to how it is done with some types of credit card verifications.
> Even better is a system designed for handling inter-institutional
> authentication, such as Shibboleth.
>  http://shibboleth.internet2.edu/

We use cosign, radius and ldap on campus and shibboleth in the wider  


works well for use and we select vendors on whether on not they can  
work with out infrastructure.

Currently we are implementing a outsourced recruitment/initial contact  
system (to RightNow) but are handling all the authentication stuff  
ourselves on *our* webservers that then redirect back to the  


More information about the unisog mailing list