<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div><div>Identity management is definitely a challenge in academic environments, though WP's architecture eases the burden of integration. We use CAS for authn and a mishmash of authz solutions for the web apps at my school, where we have both WPMU and a few instances of the regular .org version integrated with it (I maintain the wpCAS[1] plugin for this purpose).</div><div><br></div><div>The real problem we face, however, is that our IdM strategy is now centered on our student information system. That might not be so bad if the SIS (or our business rules) were more flexible, but as we look to serve growing numbers of users who don't seem to have a proper place in the SIS, we find ourselves rethinking the problem. </div><div><br></div><div>The apparent support within the WP community for OpenID and OAtuh, as well as the solid plugin API and development of BuddyPress has us considering putting WP at the center of our IdM strategy. </div><div><br></div><div><br></div><div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; ">Casey Bisson</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; ">__________________________________________</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 12px/normal Helvetica; min-height: 14px; "><br></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; ">Information Architect</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; ">Plymouth State University</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; ">Plymouth, New Hampshire</font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; "><a href="http://Plymouth.edu/">http://Plymouth.edu/</a></font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; "><a href="http://about.Scriblio.net/">http://about.Scriblio.net/</a></font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><font face="Helvetica" size="3" style="font: normal normal normal 12px/normal Helvetica; "><a href="http://MaisonBisson.com/">http://MaisonBisson.com/</a></font></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">ph: 603-535-2256</div><br class="Apple-interchange-newline"></div><div><br></div><div>[1]: <a href="http://wordpress.org/extend/plugins/wpcas/">http://wordpress.org/extend/plugins/wpcas/</a> and <a href="http://maisonbisson.com/projects/wpcas/">http://maisonbisson.com/projects/wpcas/</a></div><div><br></div><div><br></div><br><div><div>On Nov 8, 2008, at 3:46 PM, Will Norris wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>First a quick introduction: My name is Will Norris. Until recently, I worked at University of Southern California on enterprise identity management. During that time I was a member of the core development team for Shibboleth[0], a web single sign-on package popular in higher education. I now focus primarily on OpenID[1] and maintain the WordPress OpenID plugin[2] and a new Shibboleth plugin[3].<br><br>At USC, we were well on the way to making it institutional policy that any enterprise applications MUST integrate with the university's identity management infrastructure. Depending on the application, this typically meant Shibboleth or LDAP. The level of integration varied -- the bare minimum was authentication and authorization to use the application (the two are inseparable at USC). Beyond that applications could use the IdM infrastructure for additional user attributes, more fine-grained authorization within the application, and management of user groups.<br><br>I'm particularly interested to hear what integration challenges universities have faced with WordPress. Does your university require this integration and to what degree? What interfaces does your IdM system provide -- LDAP, Active Directory, web single sign-on (Shibboleth, PubCookie, CAS, CoSign, other)? How much success have you had with this integration? Did you use publicly available plugins, or a home-grown solution?<br><br>Thanks,<br>Will Norris<br><br><br>[0]: <a href="http://shibboleth.internet2.edu/">http://shibboleth.internet2.edu/</a><br>[1]: <a href="http://openid.net/">http://openid.net/</a><br>[2]: <a href="http://wordpress.org/extend/plugins/openid/">http://wordpress.org/extend/plugins/openid/</a><br>[3]: <a href="http://wordpress.org/extend/plugins/shibboleth/">http://wordpress.org/extend/plugins/shibboleth/</a><br></div></blockquote></div></body></html>