uPortal and Shibboleth
This was a report on the SPIE project (Shibboleth aware Portals Information Environments) from Oxford (who are one of the partners in the project)
I’m impressed by the work done here, but there wasn’t much to ‘see’ – once you’ve seen one login, you’ve seen them all. However it has helped (I think) to clarify some issues concerning Shibboleth and SSO.
Shibboleth is neither an authentication nor authorization system – it is a framework. I had understood that in order to have SSO, you would also need to have a separate SSO solution (e.g. PubCookie, CAS).
However, from this presentation I now believe that it is slightly more complex. As long as you are working within the same federation any ‘shibbolized’ resource would be able to understand you already had a ‘shibboleth session’, and so wouldn’t ask for further logins.
This implies that within a completely shibbolized environment, the need for separate SSO solutions may disappear. However, this is obviously some way off at the moment – many of our resources show no sign of becoming Shib enabled yet…
It also isn’t clear when Luminis might be Shib enabled (as opposed to uPortal). At the moment I believe that Luminis will work with CAS, so it maybe that we should investigate this as well as our current work on Shibboleth (via the ShibboLEAP project).
Portals for Prospective and New Students
University of Nottingham
support a portal for prospective students. The main business drivers were:
Gain competitive edge
Increased efficiency
Enabling better service for true enquiries
Convert more applicants into actual students
One attendee questioned some of this, as Nottingham is terribly over-subscribed, and the ‘prospective students’ portal currently only deals with UCAS applicant students – rather than those that might have more of an impact such as overseas or postgraduate students.
When they have put in an application (I think), Prospective Students are sent a letter with a username/password – which is only valid where they are a prospective student – they get a new one when they become a student (there was a question about when does someone move from ‘prospect’ to ‘student’)
Prospective student details are held in the internal Luminis LDAP – and there is fall-through authentication on the portal, which uses the internal Luminis authentication if the main Nottingham LDAP fails (which it would always do for Prospects).
Within the portal, deliver information about their application – updated as this changes (similar to the ‘Status Checker’ we offer at RHUL).
Also general information about student life – links to different areas/facilities, as well as showing webcams etc from around campus.
Finance information – including ‘Fee estimator’ which covers Course fees, accommodation fees, food, gas/electricity, water, council tax etc.
Contact information – for more information.
For Nottingham PSP (Prospective Student Portal) is part of the ongoing relationship with their students – from Propsect, to Student, to Alumni. However, each ‘portal’ is acutally role based rather than separate portal installations.
Future goals are:
PG Admissions Portal
Improved/integrated online prospectus
Targeted announcements
Student induction channels
Links to CMS
School managed channels
On-line payment of fees (already have for existing students)
University of Edinburgh
on the otherhand offer the portal once students become UF (Unconditional Firm) – at this point, they start treating them as full students, and issue them with a student username and passwords, and give access to the full range of services. The username/password is sent by post, but there is an online ‘signup’ procedure, where they have to agree to the relevant regulations before they get full access to services.
This has proved very popular, with over 61% of new students had used MyEd by 12th Sept 2005, after the passwords going out in the Summer. Next year they plan to send out username/passwords earlier – in fact, they expect to send out the first ones to UF students starting in Sept 2006 in January.