Upload File

it’s time for a spa - events | internet2 · today’s(conversaon it’s time for a spa •...

  • Home
  • Documents
  • IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made
19
IT’S TIME FOR A SPA Jeff McCullough UC Berkeley © 2015 Internet2 Long Term Departmental Accounts

Upload: nguyenkhue

Post on 01-Apr-2018

220 views

Category:

Documents


3 download

Report

TRANSCRIPT

Page 1: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

IT’S TIME FOR A SPA

Jeff McCullough UC Berkeley

© 2015 Internet2

Long Term Departmental Accounts

Page 2: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Today’s  conversa.on

It’s Time for a SPA

•  Example SSO login. •  Why SPA? •  How do they work? •  Issues and changes we’ve made. •  Your input and questions…

© 2015 Internet2

[ 2 ]

Page 3: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

[ 3 ]

© 2015 Internet2

Authenticating using CAS

Page 4: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

[ 4 ]

© 2015 Internet2

Authenticating using CAS

Page 5: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Background

•  Two previous implementations •  SSO requirement •  Integration with multiple systems

[ 5 ]

© 2015 Internet2

Page 6: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Use cases

Data storage for a team or department. Functional account for a position that changes frequently. Account for a program/department/team that needs to send/receive email and calendar events.

[ 6 ]

© 2015 Internet2

Page 7: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

SPA Environment

[ 7 ]

© 2015 Internet2

Page 8: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

How do SPAs differ from regular accounts?

Extra LDAP attributes LDAP groups Grouper groups Surrogate login

[ 8 ]

© 2015 Internet2

Page 9: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Extra attributes

•  Create date •  Expiration date – 5 years •  User access group •  Purpose •  New affiliate type •  (Department Number)

[ 9 ]

© 2015 Internet2

Page 10: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

User access groups

•  Grouper groups •  LDAP groups

[ 10 ]

© 2015 Internet2

Page 11: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Authentication

•  Surrogate login (SSO) •  Kerb password (non UI app or AD) •  Google Key

[ 11 ]

© 2015 Internet2

Page 12: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Surrogate login

•  CAS login module (CAS/Shib) •  SPA-ID+My-Account-ID •  +My-Account-ID •  Both use user’s password

[ 12 ]

© 2015 Internet2

Page 13: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Delegated Access within Apps

•  Google •  Box •  Other systems

[ 13 ]

© 2015 Internet2

Page 14: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Authorization

•  LDAP user group •  Begins as a grouper group

[ 14 ]

© 2015 Internet2

Page 15: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

SPA Admin

•  List of SPA that have already been created •  Create SPA / Delete SPA •  Namespace checks •  Sub-domains •  Links for group admin and google account creation

[ 15 ]

© 2015 Internet2

Page 16: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Provisioning an account

•  Using OpenIDM •  > Kerberos •  > AD •  > LDAP •  > Grouper

[ 16 ]

© 2015 Internet2

Page 17: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Surrogate login and groups

•  Looks up all groups for user •  Determines which groups are related to SPAs •  Shows list to user •  Logs user in as SPA using either CAS/Shib •  Adds info to logs

[ 17 ]

© 2015 Internet2

Page 18: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Issues and changes…

•  Previously had authorizer/owner. •  Any employee. •  The shell game.

[ 18 ]

© 2015 Internet2

Page 19: IT’S TIME FOR A SPA - Events | Internet2 · Today’s(conversaon It’s Time for a SPA • Example SSO login. • Why SPA? • How do they work? • Issues and changes we’ve made

Q/A

•  What do you think? •  Do you have an implemention of SPAs?

[ 19 ]

© 2015 Internet2


Spa TreaTmenT menu - Aria Hotels · Charoupi & Luxury – Spa Gold Therapy Charoupi (carob) is a topic tree very common in Creta Island. It’s fruit is very nutritious. maximum glamour

WELCOME, IT’S TIME TO RELAX - celtic-manor.com · award-winning Forum Spa. ... RESIDENTIAL SPA ESCAPES Enhance your experience and stay a little longer to make full use of our resort

It’s sunny It’s windy It’s rainy It’s stormy It’s cloudy

Hacking(to(GetCaught…( - SANS to Get...Overview • Personal(Introduc?on(• Hacking(to(GetCaught • The(“Conversaon”(• Adversary(Simulaon(• Challenges

How to Have Difficult Conversations€¦ · How to Have Difficult Conversations How to Have Difficult Conversaons • You have op8ons! You can… – Decide not to have a conversaon

Spa-Style Baths.pdf - custombuilder.s3.amazonaws.com Baths.pdfJAPHET BUILDERS, SAN ANTONIO T ... and because it’s a soaker, it’s low maintenance. The counter vanity cabinet and

Congratulations on your decision to enjoy the finest spa ......OUTDOOR AND PATIO INSTALLATION N o matter where you install your new spa, it’s important that you have a solid foundation

UNWIND REJUVENATE INDULGE - Amazon S3...Park Spa Retreat at Warbrook House Hotel is an oasis of calm where it’s all about you. Contained within the spa there are SIX treatment rooms

CATALOGO MACCHINE...Alstom Power Spa, ENI Spa, Saipem Spa, Snam Progetti Spa, Bonatti Spa, Franco Tosi Meccanica Spa, Gardaland Spa. UNA MISSIONE DI FAMIGLIA La strada fu intrapresa

DSM5& Development · ii. Failure&to ... •&Mixed&Anxiety/Depression&& •SubstanceInducedDepressiveDisorder ... turns&in&conversaon,&rephrasing&when&misunderstood,&and&knowing&how&to&

Defaultallisdangerous! · 10 Interpreta8on)of)Annota8ons)2:)Domain)Value* *!Alternave!interpretaon!suggested!by!WangOChiew!Tan!(example!created!aer!conversaon!atSigmod!2011)! 1 a

TAMERICI SPA REGINA AT THE TETTUCIO SPA ......TAMERICI SPA REGINA AT THE TETTUCIO SPA SALA NENCINI AT THE TETTUCIO SPA PORTOGHESI AT THE TETTUCIO SPA EXCELSIOR SPA Title Montecatini_Map_2018

Costa Rica Marriott Spa... · get rid of it’s skin and obtain it’s precious fruit. Enjoy your wellness journey though Kuö as ... análisis de su tipo de piel, un corto masaje

PURE SPA, SPA SERVICES

Profilo aziendale - Kyriom Group ltd · Company profile ... SAIPEM SpA, FIAT Engineering SpA, RODIO SpA, T.A.V. SpA – Trains à grand vitesse, PIRELLI SpA, IMPREGILIO SpA, ASTALDI

Spa Ceylon Spa & Boutique

SPA - Peebles Hydro · SPA SPA SPA SPA PEEBLES HYDRO SPA Spa Manicure 50 minutes £28 The perfect finishing touch for that well-groomed look we all crave. Our manicure consists of

spa refreshments - Day Spa and Beauty Treatments, Spa

Packaging & Suites - PassagewaysInstant Messenger Start a conversaon, about anything. One-on-one, group chat, or even bring in the enre board into the discussion. And it’s all in

SPA Bath LAGUNA SPA 213 x 213 - Pool-Spa

For spa reservations and information, · 2020-03-21 · It’s true. A single moment spent in joy colors all the moments that follow. At Mandara Spa at Wyndham Grand Rio Mar Beach

OWNER’S MANUAL · It’s time to relax! You now have your very own portable spa by Master Spas. By fully understanding the operation of each of the features of your new Master Spa,

innovative professional skincare...high end customer satisfaction. In 2003 Germaine de Capuccini entered the spa market with it’s Spa Marine range. As this market grew, new lines

Sibirskoe SPA - SPA Menu

SPA CI METTIAMO L’ANIMA · 2017. 4. 22. · CI METTIAMO L’ANIMA. SPA SPA SPA. SPA SPA SPA. Soluzioni. per l’edilizia. d’Acciaio. Qualità elevatissima, cura artigianale, accurata

Çydromassage - Spa / ÕäñïìáóÜæ - Spa

PERCORSI - · PDF file– Pietro Ciucci, ... – Francesco Antonio Musolino, prefetto di Reggio ... Spa, Enel Spa, Falck Spa, Impregilo Spa, Terna Spa e Sorgenia Spa

Buyers Guide - portal.eeanz.com · Life’s better in a spa At Spa World, we believe a spa is more than just a spa It’s a connection to a better life; a valuable asset that helps

Spa maven Spa Deals

It’s where you want to be - Great Lakes Pool & Spa · An Emerald Spa is where you want to be! The Emerald experience is as distinct and rewarding as its many standard features and

2013 Delegate Directory · the birthplace of yoga and Ayurveda, it’s the ideal location to explore the historic roots of spa and wellness ... • Isha Resorts and Spa Pvt. Ltd.,

Omni Barton Creek Resort & Spa - JDRF...Omni Barton Creek Resort & Spa presented by live auction The Magic of Marfa It’s been called the Santa Fe of Texas — filled with fabulous

A Customer Experience Audit for Your Salon or Spa...It’s also what sets your salon or spa apart from the rest. Does your customer experience leave a lasting impression? The following

DATA-DRIVEN MARKETING SPECIAL 060618 - MarTech Advisor · 2018-10-27 · On Data-Driven Markeng The Importance of ‘Self-learning Data Plaorms’: In Conversaon with Ajay Khanna,

Pirita Spa Hotel Alice in Wonderland - Tallink Hotels · Pirita Spa Hotel Alice in Wonderland Have you always dreamed of being Alice, the Mad Hatter or maybe the Cheshire Cat? It’s