Hacking WordPress Login and Password Reset Processes For My University Environment

Any university worth the title is likely to have a very mixed identity environment. At Plymouth State University we’ve been pursuing a strategy of unifying identity and offering single sign-on to web services, but an inventory last year still revealed a great number of systems not integrated with either our single sign-on (AuthN) or authorization […] » about 1700 words

CAS Is A Standard Protocol, Not A Standard Application

I’m not really part of the Jasig CAS Community (learn more), but I do maintain the wpCAS WordPress CAS client and I’ve started development of a CAS server component for WordPress. That project is on hold because one of the products that I’d expected to integrate with it doesn’t use standard CAS and the vendor […] » about 200 words

Acronym Overload: IIS + ISAPI + CAS

I’m working to integrate an application on a remote-hosted IIS server into our CAS environment. CASisapi (svn trunk or svn tags/production) may do the trick, though Phil Sladen struggled with it (in 2005). There’s reason to doubt it. Not only is the sparse information all old, I first learned about it from a page full of broken links and the apparent author recommends against it. There’s a little more information here for those who can read Danish.

UC Davis’ CAS ISAPI client may be a better solution (it certainly looks easy to install). Builder AU talks about .NET + CAS, and Case Western has a lot of documentation. Only partially related: it looks like World of Warcraft uses CAS.

WordPress CAS Integration Plugin

CAS — Central Authentication Service — has no logo, but it’s still cool. Heterogeneous environments like mine offer hundreds of different online services or applications that each need to authenticate the user. Instead of throwing our passwords around like confetti, CAS allows those applications to identify their users based on session information managed by the […] » about 300 words

Google Pumps OpenID Too

Following news that Yahoo! is joining the OpenID fray, it appears Google is dipping a toe in too. While those two giants work out their implementations, others are raising the temperature of the debate on IDM solutions. Stefan Brands is among the OpenID naysayers (David Recordon’s response), while Scott Gillbertson sees a bright future. Let’s watch the OpenID Directory to see how fast it grows now (count on January 19 2008: 446).

Reputation Management At Applied Dreams 2.2

Ryan gave me the drop on this presentation by Dave Chiu and Didier Hilhorst where they do an amusingly effective job of explaining the concept of reputation management. It all went down at the conclusion of the Applied Dreams 2.2 project at Interaction Design Institute Ivrea in Milano. The project brief begins: Our identities are […] » about 200 words

Identity Management In Social Spaces

(note: the following is cross-posted at Identity Future.) Being that good software — the social software that’s nearly synonymous with Web 2.0 — is stuff that gets you laid, where does that leave IdM? Danah Boyd might not have been thinking about it in exactly those terms, but her approach is uniquely social-centered. She proposes […] » about 400 words