|
Page contents:
|
Project Meetings
Meeting Notes 11-30-2004
Project Meeting Notes:
Cascadia Community College, UW Bothell, and UW Seattle. November 30, 2004, Attending: UW Seattle - Richard Ortiz, Anne Hopkins, Zephyr McLaughlin UW Bothell – Rob Estes Cascadia Community College – Michael Klim Introductions were followed by a clarification of the 2 milestones in the previous project documentation. The clarified milestones are as follows: Cascadia Community College Milestones -------------------------------------------------------- - Get info/communications ready for EZ Proxy login change. College 101 - example. When trying to reach as many students as possible, try to get into core courses, like College 101 (with 15-16 different sections of the course) and encourage students to use online access to get access from home or check out books, etc. Deadline for preparing info for materials for College 101 - Rob says anytime until Jan 1 will be ok, since info can be prepared/distributed quickly. Jan 3 is first day of classes; try to go into the course during first week or so. For students who've already taken College 101, there will have to be alternative communication mechanisms. Cascadia will also use English 101 and 102. - EZ Proxy access supposed to change on 1/1/05. how to communicate this out to UWB and CCC. In theory, all students will need access, though a survey showed 60% actually used library DBs (using barcode and PIN). Expectations -------------------------- Jan 1 is too aggressive for deploying UWNetID to *all* students. Our workaround is to check with Bill Jordan on the retirement date for the old proxy server and see what will be available for students. Based on the requirements of the milestones, the group continued to work on the design and process for establishing the service for Cascadia Community College. We will work together to get a list of tasks that will lead to the project goal and determine the estimated project completion based on the project estimates from UW Seattle, UW Bothell, and Cascadia. Conceptual Design --------------------------------- A conceptual design and process steps were further developed by Zephyr McLaughlin, Michael Klim and Rob Estes with support from Anne Hopkins at the meeting with Cascadia and UW Bothell on November 30, 2004. Please see the attached PDF file. Process --------------------- 1. Feeds are established between Cascadia and the UW. This process must be completed in order for this design to begin to function. 2. The Cascadia Community College User uses a browser to view a web page developed and supported by Cascadia Community College. This user will be prompted to enter a Cascadia ID and Cascadia PAC. Support for this web page will be managed by the Student and Employee Help Desks at Cascadia. 3. If the combination is in the Cascadia database, the Cascadia ID and UW AVF PAC is posted to the UW NetID creation pages maintained by the UW Computing and Communications (C&C) group. 4. Completion of step 3 results in a UW NetID and password that is provided to the Cascadia Community College User and may be used for authorization to UW NetID and password protected services. Support for these web pages will be managed by the UW C&C Information group. A diagram is attached that provides a picture of the process. Please review it for clarity and understanding and report changes back to Richard Ortiz rjortiz@cac.washington.edu. Service Sets --------------------------- Service sets for the UW NetID and password provided to Cascadia users are: - Kerberos Principle - U Forwarding Data Feeds ------------------------- Cascadia => UW Data Feed -------------------------------------------- Data received in the feed from Cascadia to the UW will be placed in the AVF subsection of the UW Person Registry Database. Those items that are received that will not fit within the data structure of the current implementation of the UW Person Registry Database, will be placed in a temporary data store. It is important that the UW provide adequate protection for the data feed. This data feed will be done nightly. C&C will initially establish an account and FTP process during initial phases until the design is completed. There are two data issues. The address for employees may be the work location for employees, and there is pending approval for transferring the Birth Date. UW => Cascadia Data Feed -------------------------------------------- UW C&C will provide the UW AVF PAC and the Cascadia pair to Cascadia. The database is still in the design and development phase. It is important that Cascadia provide adequate protection for the data feed. This data feed will be done nightly. During deployment, this feed must be received to start the entire process. The process for transferring the data is still in the discussion phase. Data Feed Contacts UW - Zephyr McLaughlin 206-685-6220/Jon Pass206 685-6142 Cascadia - Sandy Nelson Feed/Design Technical Discussion -------------------------------------------------- Cascadia Ccmmunity College (CCC) Status: for associate faculty (may be here Fall and Summer, but still need access in between). When they aren't on the payroll, they won't be in the feed. Our suggestion is to handle these exceptions with temp ids. Staff records appear in feed the night of the day they went on payroll. Student records appear in the feed when they're enrolled, changes a lot during first week or two of the quarter. Initially, a discussion was held that required the UW to communicate directly with the CTC Office in Bellevue. However, after further discussion, the conceptual design was agreed upon as a more appropriate method. The design agreed upon would allow for a more seamless integration. CCC would need to: - create feed to UW - import feed from UW - store UW PACs - build the CCC pre-netid-create authorization service to pass CCID and UW PAC to UW NetID create page. Goals: Never expose CCC PASSWORD/PAC, avoid technical complications of interfacing CCC asp/.net with UW C/unix/apache. This approach means that UW never needs to know or handle the CCC password. The UW PAC would be the one shared secret. It does however; depend on 2-way feeds -- CCC Student info fed to UW and UW feeds CCC ID/UW PAC back to CCC. Since UW PAC is one-time-use, it can't be used for a subsequent UW NetID create, even once it's floating around someone's browser. The UW PAC approach could also be used for pwd changes. The student never needs to know their UW PAC, which expires two hours after it's first use, so it can be posted to several web pages. Auxiliary Validation File = AVF ------------------------------------------------ The data received will include the following proposed values during processing. Again, those items that do not fit into this structure will be saved in a temporary data store for merging at a later time. Field Name Proposed Value -------------------------------------------- Account Name <Cascadia ID Number> Expiration <NULL> Department <Null> College Code <00> Category <Cascadia> (this is a new category) Sponsor <Cascadia> Comment <Forwarding UW NetID> Other Discussion Points --------------------------------------- 1. The primary reason for documenting and training students at the beginning of the calendar year is that the browsers are currently configured for the old proxy server. 2. There are approximately 2400 students and 120 faculty/staff that will be using the system. 3. Is there an email available for students? Yes, however it is not reliable. Open Issues -------------------------------- 1. PAC Issues a. Currently UW AFV PACS expire within 2 months from creation. b. PACS also expire after use within 2 hours. If forgotten, the next feed will fix. c. Protection of PACS needs to be reviewed at both locations. 2. Feed Issues a. Turnaround for students will be at least 24-hours after registration b. Supplying the Birth Date is pending review by the AGO office at Cascadia. 3. C&C would have to notify the UW Libraries concerning the new category. 4. Sparta migration needs to be completed in order to deploy. 5. Support responsibility has to be solidified for new web page/database development. Action Items -------------------------------- Task/Person Responsible/Comment ----------------------------------------------------- - Document Meeting Notes/Richard Ortiz/Completed 12/13/2004 - Document Conceptual Design/Richard Ortiz/Completed 12/9/2004 - Arrange for discussion among James McShane and Jon Pass or Zephyr McLaughlin to discuss the web page development estimate/Richard Ortiz/In Process - Arrange for discussion among Sandy Nelson and Jon Pass or Zephyr McLaughlin to discuss the data feeds in both directions. - Meeting with Bill Jordan, UW Libraries concerning the old proxy server/Richard Ortiz/In Process - Review UW request with AGO to supply Birth Date in the feed to UW from Cascadia/Michael Klim/In Process - Review the results of Bill Jordan meeting with Cascadia Community College and UW Bothell/Richard Ortiz/ Thank you, -------------------- Richard J. Ortiz Technology Manager C&CI and Technical Support Client Services Computing and Communications 206-685-0907 email: rjortiz@cac.washington.edu Meeting Notes 12-02-2004
Providing UW NetID and Services to Cascadia December 2, 2004 Detailed Design Meeting Location: Cascadia Community College Attending:
Agenda Items The technical staff from Cascadia and the UW Seattle met to discuss the following agenda items:
Introductions James McShane will be the primary developer and DBA for the web pages and the data feed. Email: jmcshane@cascadia.ctc.edu Sandra Nelson provides the feed to the UW Bothell Libraries that contains similar and other data. Email: snelson@cascadia.ctc.edu Jonathan Pass will be the primary technical point of contact for the data feed from Cascadia during the initial phases and testing. Email: pass@washington.edu Conceptual Design A review of the conceptual design was completed. Minor changes to data fields were made and the revision is attached as a PDF Conceptual Design rev. 2004-12-20 Data Feeds – Detailed Design Using the conceputual design as a basis for further development, a dataflow diagram was developed for exchange of data between the Cascadia Community College and the University of Washington Seattle (Computing & Communications group. Please see the attached PDF – DataFeedsCascadia
Data Feed Characteristics - Pipe Delimited File, unix or DOS - ID, Name, and Status are required in order to create a AVF Record - A full feed data feed is required - Only active records should be included in the feed - Employees and Students records should be in one feed - Name provided by Cascadia is 22 characters maximum - Double Blanks will be used when there is no value - All feed processing should be completed and sent by 10pm daily Data Feed Processing - Check file - Issues with the file should result in an email to netops@cascadia.ctc.edu - A status update page will be created by Jon Pass that will include the latest date the feed was processed for use by C&CI and the Help Desks at Cascadia In order to set up processing Jonathan will set up all the accounts for use by Cascadia. Each member should provide Jon Pass with the necessary information in order to create the accounts. Jonathan Pass will be the account owner and James McShane and Michael Klim will be designated as Registered Users.
Data Feed Characteristics - Pipe Delimited File - The feed includes all Student and Employee ID’s but only includes an UW AVF PAC if the ID is new Employees and Students records should be in one feed - Double Blanks will be used when there is no value - All feed processing should be completed and sent by 2am daily Data Feed Processing - To be deterimed by Cascadia Estimates A short discussion of the web pages was held that will be required at Cascadia and the UW. Jonathan indicated that he would provide the form values that were required to post to the uwnetid.washington.edu pages for account creation. Richard will arrange for a meeting in early January to continue the discussion. High Level Activities
Data Feed Cascadia à UW Action Items: Task / Person Responsible / Date ----------------------------------------- Contact Ken Coar, Payroll Mgr. at Cascadia to determine if a payroll record might be created for those employees that need access prior to becoming eligible for payroll. This might alleviate an issue indentified in our conceptual design/ Michael Klim / 1-17-2005 Review the estimates for the high level activities, the feed data elements table, characteristics, and processing and provide feedback to Richard Ortiz/ Jon Pass and James McShane / 1-10-2005 Process Summary Notes - Nathan Dors
PROVIDING NETIDS TO CASCADIA: PROCESSES & SERVICES
1. Service Overview
The principal parties from both the UW and CCC must still agree as to the specific policies governing eligibilty: exactly who gets a UW NetID and under what conditions one has and retains a Cascadia affiliation. To the degree there is already considerable agreement along these lines, this document focuses more on requirements and deliverables that will determine our implementation plan. 2. Cascadia Person Feed - CCC will provide a "Cascadia person feed" representing CCC students, staff, and faculty. It is quite likely that the source data will originate from an extract already being made from the CIS system. - The Cascadia person feed will drive entitlement to UW NetIDs. UW/C&C will provide UW NetIDs to those currently entitled via the feed and eligibility policy. - The Cascadia person feed will include the following attributes: . First name . Last name . Date of birth . CIS SID identifier . Street address? . CCC status? . CCC affiliation? - CCC will document the attribute values such that both parties can agree to common semantics for authorization purposes. - UW/C&C will accept the feed via some import process; exact method TBD. - UW/C&C and CCC must coordinate processes for handling exceptions, e.g.source identifier changes, database fixes, etc., all TBD. - Feed format, transport, security, frequency. TBD. 2. Private Access Code (PAC) - In our context, a private access code (PAC) will be a single-use credential used during UW NetID creation. It will have a short-term expiration period. - PACs will not be involved in the password reset process; see below.- PACs will be generated by UW/C&C and transfered to CCC during the CascadiaDetails, TBD. Person feed process: i.e., CCC sends person data; UW/C&C returns PAC information (e.g. PAC per SID). (1) PAC Retrieval Page - CCC creates a web-based service, authenticated by CIS SID and PIN, that users visit to retrieve their PACs. (2) PAC-Free Sign-up Page - CCC creates a web-based service, authenticated by CIS SID and PIN, that posts user info and PAC directly into UW/C&C's UW NetID creation service (thus, requiring no end-user handling of PACs). (3) CCC walk-up help desk staffed to distribute PACs to users. (4) Postal mail, everyone's favorite method.- 3. "Create UW NetID" Pages - UW/C&C will provide a web-based "create your UW NetID" service for Cascadia users. - Cascadia users will provide their account information and PAC (see options above) to the "create your UW NetID" service, which will verify the info against data from the Cascadia person feed to make an eligibility decision. - UW NetIDs created through this mechanism will be permanent; users will select their own UW NetID identifier (i.e., no more fixed format "ctcnnnn" string).UW NetID services received, TBD. However, it would be consistent with other similar populations to provide @u email address forwarding. 4. UW NetID Password Change & Reset - Cascadia users will be able to use the regular UW NetID "passwordchange" and "password reset" services, to change current passwords and reset forgotten passwords (by secret questions), respectively. - Cascadia users who have forgotten the answers to their secret questions and therefore cannot reset their password, can call UW/C&C during regular business hours, identify themselves, and get a new password. - TBD. Meeting Notes 1-28-2005
Internal Technical Review of the Charter and Conceptual Design Meeting Notes Attending: Bob Morgan, Zephyr McLaughlin, Charter Changes
- Proper security will be addressed in the data exchange between - Cascadia wil manage UW NetID custody 6. Constraints should include the following: - The new UW NetID-authenticated proxy will replace the current PIN-authenticated proxy - There will be no matching of records with the current UW person registry database and therefore presumably higher costs in the future for authentication. Conceptual Design Review It is proposed that we drop the use of Private Access Codes in the design and replace this with the use of Shibboleth. Pro · No feed from the UW would be required for Cascadia Community College (CCC) to process · No changes would have to made in the way Private Access Codes (PAC) are issued at the UW · We have prior experience at working with · The PAC generation process based on the nightly feed would not have to be processed. The PAC generation process is currently an issue with other feeds and we know that this heavy processing load does not scale well. · Assuming that CCC would want a single sign-on capability, Shibboleth could fill that role on the campus. Con · Cascadia Community Collete (CCC) would have to run a Shibboleth application, with technical support from the UW C&C staff · CCC would have to run a Linux box. Meeting Notes 3-2-2005
Reivew and Approval of Conceptual Design with Cascadia Community College and UW Bothell Meeting Notes Attending: Michale Klim, Sandra Nelson, Rob Estes, Bob Morgan, Zephyr McLaughlin, Status of the Project
Review of the Conceptual Design Bob Morgan reviewed and walked through the conceptual design. All agreed that the new method that eliminated the use of PAC's was a good one. There was minor change to the support provided by UW for the Shibboleth application. The new statement reads: "CCC would have to run a Shibboleth application, with technical support from the UW C&C staff ." During the design approval process, the following issues were discussed. 1. UW C&C will provide the signup process and have sample web pages and test UW NetID's to supply to Michael Klim at Cascadia. 2. UW C&CI will support clients (students, faculty and staff) that are in the UW NetID creation process. 3. The feed to the UW Bothell libraries from Cascadia would continue. 4. Windows is the strategic direction of the Cascadia Community College. Bob Morgan agreed that we would support the Windows version of the Shibboleth for this application. 5. It was undetermined how many physical Windows boxes would be required. Other discussion 1. Cascadia ID's are unique per community college? 2. Faculty/Staff and Student Numbers are the same in the Cascadia system 3. James McShane would contact Bob Morgan or Nathan Dors for additional information concerning Shibboleth. Meeting Notes 4-14-2005
Review of Project Plan Meeting Notes Attending: Bob Morgan, Zephyr McLaughlin,
Meeting Notes 5-27-2005
Meeting Notes 5-27-05 Review of Project Plan Attending: UW-Seattle Bob Morgan, Zephyr McLaughlin, Cascadia Community College - Michael Klim, Guy Pace, Sandra Nelson Meeting Notes AGENDA Focus on the following agenda items: 1)Test Feed from Cascadia - discussion on one feed if possible, but multiples could be merged 2)Shibboleth Installation at Cascaida 3)Web Page Design 4)Richard will update Bill Jordan after meeting today 5/27 - Updated 5)Set Time for next Project Review Meeting Meeting Notes 6-3-2005
Meeting Notes 6-03-05 Review of Project Plan Attending: UW-Seattle Bob Morgan, Zephyr McLaughlin, Cascadia Community College - Michael Klim, Guy Pace, Sandra Nelson, Karen Schlosser Meeting Notes AGENDA 1)Test Feed from Cascadia 2)Shibboleth Installation at Cascaida 3)Web Page Design 4)Richard - Bill Jordan and the use of the proxy server - questionable, will let me know later? 5) Modify Web Pages at UW 6)Develop Support Plan for Cascadia UW NetID's 7)Integration testing will be discussed at our next call. - Postponed until we get other tasks completed. 8)Set Time for next Project Review Meeting Meeting Notes 6-16-2005
Meeting Notes 6-16-05
Review of Project Plan Attending: UW-Seattle Bob Morgan, Cascadia Community College - Michael Klim, Guy Pace, Sandra Nelson, Meeting Notes AGENDA Agenda - 6/16/2005 Review UW Feed (Zephyr, Jon) Revision discussed via email on the web pages. Modify Web Pages at UW - Setup Hardware Platform for Shibboleth |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Send mail to:
rjortiz@cac.washington.edu
Last modified: 6/23/2005 11:01 AM |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||