Zeroth Click
Andrew Petro
JA-SIG Atlanta, December 4, 2006
© Copyright Unicon, Inc., 2006. This work is the intellectual property of Unicon, Inc. Permission is granted for this material to be shared for
non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that
the copying is by permission of Unicon, Inc. To disseminate otherwise or to republish requires written permission from Unicon, Inc.
You are missing out on
• It’s the Enterprise, Dude
• A Community Source Notification System
• Integration of Version Control and Code
Migration Processes
This presentation
• Ideas, hints, and patterns for high-value
unauthenticated portal experiences.
Meet your speaker
• Andrew Petro
• Previously with Yale University
– Technology and Planning
• Now at Unicon, Inc.
– “Academus Development Lead”
uPortal is really cool
• Pluggable authN
• Flexible attribute collection
• Agile Groups
• Nuanced permissions
• Powerful layout capabilities
• Adjectives dripping all over the place
All this coolness requires AuthN
• If only you would log in, all these
wonderful things could follow
• It’s a lot like Marley being dead to begin
with.
If only you would log in
• We’d know who you are
• We’d have attributes about you
• We’d know what groups you’re in
• We’d know what permissions you have
• We could build your layout
Rutgers baked this into a strategy
• Keys to Portal Success:
– Hire a vendor (no joke!)
– Focus on the logged in user experience
• Heroics to eliminate the guest user and
replace with a static page
Wow, this is a short presentation
• In conclusion, for anything cool to
happen, the users gotta login.
• So, like, encourage them to do it.
Questions?
Andrew Petro
apetro@unicon.net
www.unicon.net
Well
• Maybe we can do something interesting with
the guest page…
Logging in is overrated
Look ma, no login
Why? Headlines
Headlines
Why? Events
Events
Full Disclosure
• Not implemented as directly uP rendering
• But it could have been
• PHP integrations are not a bad thing
Some coolness *doesn’t* require AuthN
• Universities are brimming with public
information, events, discoveries,
announcements that are not secret
No one wants a portal
• Very few users have the goal of accessing the
portal
• They have the goal of getting heads up
information, accessing services
• Portal as tool to accomplish those goals
• If you can solve that goal in fewer clicks or
with less overhead, you probably should.
• No bonus points for extra pain, after all.
Gaining adoption and logins
• High value services when logged in
• Opportunity to put information in front of
student eyeballs
• Sometimes, even hold some coolness back
Network Registration
*Reducing* logins
• Say what?
• Control the load
• Especially at the highest usage moments
• Control the “burstiness”
Guest user
• What you get when you’re not logged in
• Can still proxy and aggregate
• Can still cache
ICacheable
• Cache keys can be
– User scoped
– System scoped
Idea: special URLs for accessing the portal
• Browser provides hint
– Campus cluster computer homepage?
– Different links depending on where you come
from?
Yale SAM Kiosks
• Service and Maintenance employees
Susan Bramhall is here
• She did most of the work and can speak to
implementation details
• And how this has worked out over time
• (And tell her to be in the JA-SIG “speed
dating” rotation next conference so she can
spread the word about this)
Tricks to be had here
• Genuinely multiple guest users
• Re-use a regular user account with
preferences locked down
Considering the remote address
• Hints as to on-campus, off-campus, where on
campus
• Like the special URL tricks?
Remote address as parameter to remote feeds?
Cookies
• “Remember me on this computer”?
Remember Me
• Amazon.com approach
• “Mostly logged in”
– Think of it as weak authN
– Until you do something sufficiently important
– At which point you more strongly authenticate
“Echo user” idea
• User that gets my layout
• Has some of my user attributes as cached
• Is member of “presumed-Student” etc. groups
• DLM degrades layout appropriately given
degraded permissions
An echo of a user
CAS has some neat outcomes here
• Portal cannot proxy an authentication you
don’t have
• So content that requires strong authentication
to go get data from elsewhere
– Fails gracefully?
– Well, can fail gracefully
– DLM dropping unauthorized content
– CError extension
Implementing
• Well, remember that uPortal is really cool…
uPortal is really cool
• Pluggable authN
• Flexible attribute collection
• Agile Groups
• Nuanced permissions
• Powerful layout capabilities
• Adjectives dripping all over the place
Pluggable Authentication
• So plug in AuthN that considers “remember-me” cookies or remote address or hint URLs.
Pluggable attribute sources
• So plug in sources that draw attributes from
cache
• And filter / merge strategies that appropriately
filter the cache?
Pluggable groups
• So create some less-certain echo groups?
Echo groups
Everyone
LikelyStudents
Students
Permissions can cope with this
• Yes, this adds complexity
• (More on that shortly)
• But uPortal permissions *can* model this
• How do you want the experience to degrade?
– What am I allowed to see and do when I’m only
weakly authenticated?
Powerful layout capabilities
• Degrade just-in-time appropriately
• Control which layout portions you get when
weakly authenticated
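The echo-group idea above, as an added sketch that is not code from the presentation or from uPortal: a weakly authenticated user is placed only in the less-certain "Likely" echo of each cached group, and the layout degrades to match. The AuthN levels, channel names and function names are assumptions made for illustration.

```python
from enum import IntEnum

class AuthN(IntEnum):
    NONE = 0    # guest: nothing known about the visitor
    WEAK = 1    # recognised only by a remember-me cookie
    STRONG = 2  # interactive login, e.g. through CAS

def effective_groups(level, cached_groups):
    """Map cached group memberships to what this AuthN strength may claim."""
    groups = {"Everyone"}
    if level >= AuthN.WEAK:
        # Weak AuthN only ever yields the echo group, never the certain one.
        groups |= {"Likely" + g for g in cached_groups}
    if level == AuthN.STRONG:
        groups |= set(cached_groups)
    return groups

# Constructed sample layout: (channel, group required to see it).
LAYOUT = [
    ("campus-headlines", "Everyone"),
    ("course-announcements", "LikelyStudents"),
    ("grades", "Students"),
]

def render_layout(level, cached_groups, layout=LAYOUT):
    """Return (channels shown, channels that need a stronger login first)."""
    groups = effective_groups(level, cached_groups)
    shown, needs_login = [], []
    for channel, required in layout:
        if required in groups:
            shown.append(channel)
        elif level == AuthN.WEAK and required in cached_groups:
            # Dropped from the degraded layout; offer step-up instead of an error.
            needs_login.append(channel)
    return shown, needs_login

if __name__ == "__main__":
    for level in AuthN:
        print(level.name, render_layout(level, ["Students"]))
```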
Sobering thoughts
• Don’t run out and implement this
• It’s something to think about
• Tradeoff of complexity / more nuanced user
experience
• But even if you don’t go implement these use
cases
– Demonstrates the power of the platform
Making login less painful
• Single Sign On
– CAS
– Others
Bootstrapping a CAS login
• CAS “gateway” parameter allows trying for a
“freebie” CAS login *without* CAS interrupting
flow with login screen
Gateway
• Tells CAS to redirect back without a ticket if
one cannot be acquired non-interactively
(e.g., via an established SSO session).
• Allows you to provide the best user
experience possible under the circumstances.
Public Portal
Authenticated Portal
First request to the portal
CASify all requests
Login Screen
But I just wanted the weather…
Needlessly locking public information
Effective use of Gateway
1) Authenticated, personalized content
2) Public, generic content
3) Login screen
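The three outcomes above, as an added sketch that is not code from the presentation, uPortal or a CAS client: the portal tries one gateway redirect, then serves public content if CAS returns no ticket, and only sends the user to the CAS login screen on request. The URLs, the session dict, the gateway_tried marker and fake_validator are assumptions; service, gateway and ticket are the CAS protocol parameters.

```python
from urllib.parse import urlencode

# Placeholder URLs (assumptions); a dict stands in for the portal's HTTP session.
CAS_LOGIN = "https://cas.example.edu/cas/login"
PORTAL_URL = "https://portal.example.edu/"

def cas_login_url(gateway):
    """Redirect target for CAS; gateway=true asks CAS not to show a login form."""
    params = {"service": PORTAL_URL}
    if gateway:
        params["gateway"] = "true"
    return CAS_LOGIN + "?" + urlencode(params)

def fake_validator(ticket, service):
    """Constructed stand-in for server-side ticket validation against CAS."""
    return "student1" if ticket == "ST-constructed-1" else None

def handle_request(query, session, validate_ticket, wants_login=False):
    """Return (action, detail): 'personalized', 'public' or 'redirect'."""
    if session.get("user"):
        return ("personalized", session["user"])
    ticket = query.get("ticket")
    if ticket:
        user = validate_ticket(ticket, PORTAL_URL)
        if user:
            session["user"] = user
            return ("personalized", user)
        # An invalid ticket grants nothing; continue as an unauthenticated visitor.
    if wants_login:
        # The user asked to log in: now CAS may interrupt with its login screen.
        return ("redirect", cas_login_url(gateway=False))
    if not session.get("gateway_tried"):
        # Try once for a "freebie" login; the marker prevents a redirect loop
        # when CAS sends the browser back without a ticket.
        session["gateway_tried"] = True
        return ("redirect", cas_login_url(gateway=True))
    return ("public", None)

if __name__ == "__main__":
    session = {}
    print(handle_request({}, session, fake_validator))   # first request
    print(handle_request({}, session, fake_validator))   # back from CAS, no ticket
    print(handle_request({"ticket": "ST-constructed-1"}, session, fake_validator))
```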
Many opportunities with uPortal
• Compelling user experiences, whether
– Unauthenticated
– Weakly authenticated
– Strongly authenticated
• uPortal can start delivering value from the
zeroth click
Questions?
Andrew Petro
apetro@unicon.net
www.unicon.net