[Eagle-i-admins] SWEET authentication via LDAP/Kerberos

[Cheng, Sophia]

Hi Mike,

Thanks for your question. eagle-i was developed as a stand alone application including built-in authentication, so options to use external authentication services were not part of our original scope.  If you'd like to develop a solution to use LDAP instead of the Derby database eagle-i uses, we can certainly provide some assistance. I'm sure that this would be valuable to other institutions as well.

Recently, we branched our code and assisted another institution in developing a single sign on using CAS.  If you are interested in going a similar route and developing LDAP authentication, we can have a call to discuss scope and resources before you make the decision.

Sincerely,
Sophia

--
Sophia K. Cheng
Software Technical Lead
eagle-i @ Harvard University
Vanderbilt Hall, 019
107 Avenue Louis Pasteur
Boston MA 02115
Skype: sophia.k.cheng
Web: www.eagle-i.net<http://www.eagle-i.net/>

From: <Carnegie>, Mike <mcarnegie at hmc.psu.edu<mailto:mcarnegie at hmc.psu.edu>>
Date: Tuesday, November 19, 2013 10:30 AM
To: Sophia <sophia_cheng at hms.harvard.edu<mailto:sophia_cheng at hms.harvard.edu>>, "Robertson, Jim" <jrobertson3 at hmc.psu.edu<mailto:jrobertson3 at hmc.psu.edu>>, "'eagle-i-admins at open.med.harvard.edu<mailto:'eagle-i-admins at open.med.harvard.edu>'" <eagle-i-admins at open.med.harvard.edu<mailto:eagle-i-admins at open.med.harvard.edu>>
Subject: RE: [Eagle-i-admins] SWEET authentication via LDAP/Kerberos

Hi Sophia,

We were looking for a way to use Kerberos authentication within Sweet.

If there is a way to integrate LDAP for authorization we could take a look at that as well. But it is not as important as users having to manage multiple passwords.

Thanks

-Mike Carnegie
________________________________
From: Cheng, Sophia [Sophia_Cheng at hms.harvard.edu<mailto:Sophia_Cheng at hms.harvard.edu>]
Sent: Monday, November 18, 2013 13:14
To: Robertson, Jim; 'eagle-i-admins at open.med.harvard.edu<mailto:'eagle-i-admins at open.med.harvard.edu>'
Cc: Carnegie, Mike
Subject: Re: [Eagle-i-admins] SWEET authentication via LDAP/Kerberos

Hi Jim,

Could you clarify whether you are looking to integrate directly to LDAP/Kerberos or integrating to an authentication system using Kerberos?

Sincerely,
Sophia

--
Sophia K. Cheng
Software Technical Lead
eagle-i @ Harvard University
Vanderbilt Hall, 019
107 Avenue Louis Pasteur
Boston MA 02115
Skype: sophia.k.cheng
Web: www.eagle-i.net<http://www.eagle-i.net/>

From: <Robertson>, Jim <jrobertson3 at hmc.psu.edu<mailto:jrobertson3 at hmc.psu.edu>>
Date: Monday, November 18, 2013 12:42 PM
To: "'eagle-i-admins at open.med.harvard.edu<mailto:'eagle-i-admins at open.med.harvard.edu>'" <eagle-i-admins at open.med.harvard.edu<mailto:eagle-i-admins at open.med.harvard.edu>>
Subject: [Eagle-i-admins] SWEET authentication via LDAP/Kerberos

All,
  Has anyone integrated LDAP/Kerberos (or other external security methodologies) with SWEET?
  At Penn State, we are potentially facing significant logistical issues managing accounts for users across our entire campus network (including branches).  Our information owner wants anyone in the research community to have the ability to manage resources in Draft mode.

Regards,
Jim Robertson
Systems Analyst – Research Informatics
Phone: (717) 531-0003 x289483
Email:   jrobertson3 at hmc.psu.edu<mailto:jrobertson3 at hmc.psu.edu>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://open.med.harvard.edu/pipermail/eagle-i-admins/attachments/20131126/3bc9250e/attachment.html