Shibboleth Developers

[Derek Atkins <>]

Good news is that the beta-1 will do the same thing :)

-derek

Scott Cantor 
<>
 writes:

> In case inquiring minds wanna know, this is what the WebCT external
> authentication scheme looks like.
> 
> -- Scott
> 
> -----Original Message-----
> From: Mark Wilcox 
> [mailto:]
>  
> Sent: Wednesday, October 09, 2002 3:34 PM
> To: Scott Cantor
> Subject: RE: WebCT/Shib Interop
> 
> 
> Not sure if I can squeeze it into 1 sentence, but here's how it works :
> 
> 1. CGI script is protected by mod_shib
> 2. Get WebCT Userid from REMOTE_USER variable that mod_shib passes
> 3. CGI script invokes our Auto sign-on protocol. This protocol consists
> of passing along the WebCT Unique UserId (WUUI) plus a timestamp (to
> prevent replay attacks), plus an URL (to a specific course or MyWebCT)
> and an MD5 hash. The Hash is constructed by taking the sum of the ascii
> values of the passed data (WUUI, timestamp, URL) and appending a shared
> secret. This protocol is defined in our CE Tech Ref manual. And it's the
> same protocol we use to integrate with Campus Pipeline, UPortal as well
> as our integration with PubCookie or any other similar WebISO system.
> 
> I already have the script that does step 3.
> 
> Mark
> 
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       

                        PGP key available

------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

    http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--