<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; "><div>Hi Mike,</div><div><br></div><div><div>Thanks for your question. eagle-i was developed as a stand alone application including built-in authentication, so options to use external authentication services were not part of our original scope. If you'd like to develop a solution to use LDAP instead of the Derby database eagle-i uses, we can certainly provide some assistance. I'm sure that this would be valuable to other institutions as well.</div><div><br></div><div>Recently, we branched our code and assisted another institution in developing a single sign on using CAS. If you are interested in going a similar route and developing LDAP authentication, we can have a call to discuss scope and resources before you make the decision.</div></div><div><br></div><div>Sincerely,</div><div>Sophia</div><div><br></div><div><div><div>-- </div><div><div style="font-family: Consolas, monospace; font-size: 12px; ">Sophia K. Cheng</div><div style="font-family: Consolas, monospace; font-size: 12px; ">Software Technical Lead</div><div style="font-family: Consolas, monospace; font-size: 12px; ">eagle-i @ Harvard University</div><div style="font-family: Consolas, monospace; font-size: 12px; ">Vanderbilt Hall, 019</div><div style="font-family: Consolas, monospace; font-size: 12px; ">107 Avenue Louis Pasteur</div><div style="font-family: Consolas, monospace; font-size: 12px; ">Boston MA 02115</div><div style="font-family: Consolas, monospace; font-size: 12px; ">Skype: sophia.k.cheng</div><div style="font-family: Consolas, monospace; font-size: 12px; ">Web: <a href="http://www.eagle-i.net/">www.eagle-i.net</a></div></div></div></div><div><br></div><span id="OLK_SRC_BODY_SECTION"><div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt"><span style="font-weight:bold">From: </span> <Carnegie>, Mike <<a href="mailto:mcarnegie@hmc.psu.edu">mcarnegie@hmc.psu.edu</a>><br><span style="font-weight:bold">Date: </span> Tuesday, November 19, 2013 10:30 AM<br><span style="font-weight:bold">To: </span> Sophia <<a href="mailto:sophia_cheng@hms.harvard.edu">sophia_cheng@hms.harvard.edu</a>>, "Robertson, Jim" <<a href="mailto:jrobertson3@hmc.psu.edu">jrobertson3@hmc.psu.edu</a>>, "<a href="mailto:'eagle-i-admins@open.med.harvard.edu">'eagle-i-admins@open.med.harvard.edu</a>'" <<a href="mailto:eagle-i-admins@open.med.harvard.edu">eagle-i-admins@open.med.harvard.edu</a>><br><span style="font-weight:bold">Subject: </span> RE: [Eagle-i-admins] SWEET authentication via LDAP/Kerberos<br></div><div><br></div><div dir="ltr"><style id="owaParaStyle" type="text/css"></style><div ocsi="0" fpstyle="1" style="word-wrap:break-word; color:rgb(0,0,0); font-size:14px; font-family:Calibri,sans-serif"><div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">Hi Sophia,<br><br>
We were looking for a way to use Kerberos authentication within Sweet. <br><br>
If there is a way to integrate LDAP for authorization we could take a look at that as well. But it is not as important as users having to manage multiple passwords.
<br><br>
Thanks<br><br>
-Mike Carnegie<br><div style="font-family: Times New Roman; color: #000000; font-size: 16px"><hr tabindex="-1"><div style="direction: ltr;" id="divRpF108963"><font size="2" color="#000000" face="Tahoma"><b>From:</b> Cheng, Sophia [<a href="mailto:Sophia_Cheng@hms.harvard.edu">Sophia_Cheng@hms.harvard.edu</a>]<br><b>Sent:</b> Monday, November 18, 2013 13:14<br><b>To:</b> Robertson, Jim; <a href="mailto:'eagle-i-admins@open.med.harvard.edu">'eagle-i-admins@open.med.harvard.edu</a>'<br><b>Cc:</b> Carnegie, Mike<br><b>Subject:</b> Re: [Eagle-i-admins] SWEET authentication via LDAP/Kerberos<br></font><br></div><div></div><div><div>Hi Jim,</div><div><br></div><div>Could you clarify whether you are looking to integrate directly to LDAP/Kerberos or integrating to an authentication system using Kerberos?</div><div><br></div><div>Sincerely,</div><div>Sophia</div><div><br></div><div><div><div>-- </div><div><div style="font-family:Consolas,monospace; font-size:12px">Sophia K. Cheng</div><div style="font-family:Consolas,monospace; font-size:12px">Software Technical Lead</div><div style="font-family:Consolas,monospace; font-size:12px">eagle-i @ Harvard University</div><div style="font-family:Consolas,monospace; font-size:12px">Vanderbilt Hall, 019</div><div style="font-family:Consolas,monospace; font-size:12px">107 Avenue Louis Pasteur</div><div style="font-family:Consolas,monospace; font-size:12px">Boston MA 02115</div><div style="font-family:Consolas,monospace; font-size:12px">Skype: sophia.k.cheng</div><div style="font-family:Consolas,monospace; font-size:12px">Web: <a href="http://www.eagle-i.net/" target="_blank">www.eagle-i.net</a></div></div></div></div><div><br></div><span id="OLK_SRC_BODY_SECTION"><div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; border-bottom:medium none; border-left:medium none; padding-bottom:0in; padding-left:0in; padding-right:0in; border-top:#b5c4df 1pt solid; border-right:medium none; padding-top:3pt"><span style="font-weight:bold">From: </span><Robertson>, Jim <<a href="mailto:jrobertson3@hmc.psu.edu" target="_blank">jrobertson3@hmc.psu.edu</a>><br><span style="font-weight:bold">Date: </span>Monday, November 18, 2013 12:42 PM<br><span style="font-weight:bold">To: </span>"<a href="mailto:'eagle-i-admins@open.med.harvard.edu" target="_blank">'eagle-i-admins@open.med.harvard.edu</a>'" <<a href="mailto:eagle-i-admins@open.med.harvard.edu" target="_blank">eagle-i-admins@open.med.harvard.edu</a>><br><span style="font-weight:bold">Subject: </span>[Eagle-i-admins] SWEET authentication via LDAP/Kerberos<br></div><div><br></div><div><style>
<!--
@font-face
        {font-family:Calibri}
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif"}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline}
span.EmailStyle17
        {font-family:"Calibri","sans-serif";
        color:windowtext}
.MsoChpDefault
        {font-family:"Calibri","sans-serif"}
@page WordSection1
        {margin:1.0in 1.0in 1.0in 1.0in}
-->
BODY {direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;}P {margin-top:0;margin-bottom:0;}BODY {scrollbar-base-color:undefined;scrollbar-highlight-color:undefined;scrollbar-darkshadow-color:undefined;scrollbar-track-color:undefined;scrollbar-arrow-color:undefined}BODY {scrollbar-base-color:undefined;scrollbar-highlight-color:undefined;scrollbar-darkshadow-color:undefined;scrollbar-track-color:undefined;scrollbar-arrow-color:undefined}</style><div lang="EN-US"><div class="WordSection1"><p class="MsoNormal">All,</p><p class="MsoNormal"> Has anyone integrated LDAP/Kerberos (or other external security methodologies) with SWEET?</p><p class="MsoNormal"> At Penn State, we are potentially facing significant logistical issues managing accounts for users across our entire campus network (including branches). Our information owner wants anyone in the research community to have the ability
to manage resources in Draft mode. </p><p class="MsoNormal"> </p><p class="MsoNormal">Regards,</p><p class="MsoNormal">Jim Robertson</p><p class="MsoNormal">Systems Analyst – Research Informatics</p><p class="MsoNormal">Phone: (717) 531-0003 x289483</p><p class="MsoNormal">Email: <a href="mailto:jrobertson3@hmc.psu.edu" target="_blank">
jrobertson3@hmc.psu.edu</a></p><p class="MsoNormal"> </p></div></div></div></span></div></div></div></div></div></span></body></html>