Paper:	Choosing a Single Sign-On Solution at STScI
Volume:	485, Astronomical Data Analysis Software and Systems XXIII
Page:	289
Authors:	Alexov, A.; Deighton, D.; Doggett, J.; McCuen, L.; Russell, R.; Yermolaev, A.
Abstract:	The Space Telescope Science Institute (STScI) has over 100 online tools and services most of which require their own username and password for authentication. These services span from Human Resources tools for time-keeping to science collaborative wikis like Confluence and the Archive Search Services which give access to proprietary data. These disparate and independent systems have led to problems for end-users who must track multiple electronic identities for all these services. In order to consolidate these logins, improve security at STScI and to better the user experience, we have embarked on a search for a Single Sign-On (SSO) solution which would encompass a large number of requirements from engineering, science and IT divisions. In this paper we discuss several SSO options which we found to be popular with astronomical centers. We give full details on the reasoning behind choosing Shibboleth and Central Authentication Service (CAS) as our SSO solution at STScI. We outline hurdles, lessons learned and implementation solutions which we have taken in order to migrate STScI web services to using SSO. We discuss the benefits of SSO and our future plans.

Astronomical Society of the Pacific
Conference Series

© Copyright 1988 - 2024 - Astronomical Society of the Pacific
No part of the material protected by this copyright may be reproduced or used in any form other than for personal use without written permission from the ASP.

Page generated in 0.069 seconds