DoIT Middleware Knowledgebase
This document gives an overview of IAA (Identification, Authenticaion, and Authorization). It is divided into the following sections:
IAA is a set of services provided to Common Systems that span individual University of Wisconsin institutions. It's major components are:
IAA Registry
An Oracle-based data store and set of PL/SQL procedures that provide Identity Management and data about all individuals in the UW System.IAA Authentication Hub (Auth Hub)
A Web application that creates a Central Authentication Service for shared system applications, allowing the applications to authenticate users without knowing the particulars of authentication for the campuses, allowing users to authenticate with their local campus username and password for shared applications.
The Auth Hub relies on Identification, Authentication and Authorization (IAA), a UW System database used to store Student, faculty, staff and "other" population person data. The person data is supplied by central directly services such as LDAP, local student information systems, campus other systems, UWPC, etc.
As an example, the Learn@UW servers are hosted in Madison. A user in Green Bay goes to the Learn@UW login page, and provides their local Green Bay username and password. The Madison Learn@UW server uses IAA and waits to hear from Green Bay's authentication server. If the username and password are correct, the Madison server allows the user access to the system.
The DoIT Help Desk supports end-user access IAA-supported applications.
IAA is available on a 24 X 7 basis. All users of IAA-supported applications automatically will use IAA; there is no authorization form or software necessary.
| Keywords: | iaa authorization uw system directory authn identification authentication authz product overview handling Service Description | Doc ID: | 3587 |
|---|---|---|---|
| Owner: | Pending O. | Group: | Help Desk |
| Created: | 2005-03-24 | Updated: | 2009-06-28 |
| Sites: | Help Desk, Middleware | ||