[wp-edu] identity management integration

Casey Bisson casey.bisson at gmail.com
Sun Nov 9 04:09:58 GMT 2008

Identity management is definitely a challenge in academic  
environments, though WP's architecture eases the burden of  
integration. We use CAS for authn and a mishmash of authz solutions  
for the web apps at my school, where we have both WPMU and a few  
instances of the regular .org version integrated with it (I maintain  
the wpCAS[1] plugin for this purpose).

The real problem we face, however, is that our IdM strategy is now  
centered on our student information system. That might not be so bad  
if the SIS (or our business rules) were more flexible, but as we look  
to serve growing numbers of users who don't seem to have a proper  
place in the SIS, we find ourselves rethinking the problem.

The apparent support within the WP community for OpenID and OAtuh, as  
well as the solid plugin API and development of BuddyPress has us  
considering putting WP at the center of our IdM strategy.

Casey Bisson

Information Architect
Plymouth State University
Plymouth, New Hampshire
ph: 603-535-2256

[1]: http://wordpress.org/extend/plugins/wpcas/ and http://maisonbisson.com/projects/wpcas/

On Nov 8, 2008, at 3:46 PM, Will Norris wrote:

> First a quick introduction:  My name is Will Norris.  Until  
> recently, I worked at University of Southern California on  
> enterprise identity management.  During that time I was a member of  
> the core development team for Shibboleth[0], a web single sign-on  
> package popular in higher education.  I now focus primarily on  
> OpenID[1] and maintain the WordPress OpenID plugin[2] and a new  
> Shibboleth plugin[3].
> At USC, we were well on the way to making it institutional policy  
> that any enterprise applications MUST integrate with the  
> university's identity management infrastructure.  Depending on the  
> application, this typically meant Shibboleth or LDAP.  The level of  
> integration varied -- the bare minimum was authentication and  
> authorization to use the application (the two are inseparable at  
> USC).  Beyond that applications could use the IdM infrastructure for  
> additional user attributes, more fine-grained authorization within  
> the application, and management of user groups.
> I'm particularly interested to hear what integration challenges  
> universities have faced with WordPress.  Does your university  
> require this integration and to what degree?  What interfaces does  
> your IdM system provide -- LDAP, Active Directory, web single sign- 
> on (Shibboleth, PubCookie, CAS, CoSign, other)?  How much success  
> have you had with this integration?  Did you use publicly available  
> plugins, or a home-grown solution?
> Thanks,
> Will Norris
> [0]: http://shibboleth.internet2.edu/
> [1]: http://openid.net/
> [2]: http://wordpress.org/extend/plugins/openid/
> [3]: http://wordpress.org/extend/plugins/shibboleth/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://comox.textdrive.com/pipermail/wp-edu/attachments/20081109/19ef124f/attachment.htm

More information about the wp-edu mailing list