assurance - [Assurance] Seeking advice on how to handle direct AuthN from hosted services

Subject: Assurance

List archive

[Assurance] Seeking advice on how to handle direct AuthN from hosted services

From: Mark John Rank <>
To:
Subject: [Assurance] Seeking advice on how to handle direct AuthN from hosted services
Date: Fri, 14 Dec 2012 09:36:22 -0600 (CST)

Assurance Folks:

I am seeking a bit of advice. UWM has run into some delays with our
Bronze/Silver
efforts but we are still working in that direction. One area we have gotten
to is
implementing procedures to limit direct access to credential stores from
external entities.

Recently our IAM Group has been asked to provide authentication access for a
“Fat Client” with a remotely hosted 2-tier application server via secured
LDAP. We are putting together a quick impact document as part of the response.
I would welcome feedback from the group, either on the analysis approach or
if
folks have solved this problem already. The document is available at ...

https://pantherfile.uwm.edu/rankm/public/external_party_issue.pdf

For reasons that can be chalked up to "that ship has sailed", other AuthN
protocols are not an option at this time.

Any feedback would be appreciated.

Regards,
Mark

------------------------------------------
Mark Rank
Middleware and Identity Management Group
University Information Technology Services
UW-Milwaukee
Email:

Phn: 414-229-3706
------------------------------------------

[Assurance] Seeking advice on how to handle direct AuthN from hosted services, Mark John Rank, 12/14/2012
- Re: [Assurance] Seeking advice on how to handle direct AuthN from hosted services, Eric Goodman, 12/14/2012
  - Re: [Assurance] Seeking advice on how to handle direct AuthN from hosted services, Mark John Rank, 12/14/2012
    - Re: [Assurance] Seeking advice on how to handle direct AuthN from hosted services, Eric Goodman, 12/14/2012

List archive

[Assurance] Seeking advice on how to handle direct AuthN from hosted services