• About ET
• Initiatives
• Publications
• Search

---

WebAccess

Description

WebAccess provides a means by which users can authenticate once to a Web application, receive a digital credential, and use this credential to "automatically" login to other WebAccess-enabled, Web-based applications offered at Penn State.

The primary technology being used for this is the University of Michigan's CoSign software. CoSign provides a login server and Web server authentication filters for Apache and IIS Web servers. The filter protects a Web application and redirects a user to the login server if he/she has not yet logged in. The login server authenticates the user against a central access account database (Kerberos). A properly-authenticated user is returned to the Web application which then allows the user access. The mechanism used to pass this information back and forth is a cookie stored in the user's Web browser. The integrity of this data is ensured because the login server cryptographically signs this data.

In 2004, Applied Information Technologies (AIT) in ASET put into production and implemented Penn State WebAccess, Penn State's Single Sign-On (SSO) solution. The WebAccess system, which uses the University of Michigan's Cosign technology (a development effort that is funded by the National Science Foundation's National Middleware Initiative-Enterprise and Desktop Technologies program), provides an environment in which users authenticate/login once with their respective Access Account userids and password to a central server in order to access multiple services protected with WebAccess without needing to re-authenticate. Several Penn State services that require authentication have enrolled in WebAccess, including: the Penn State Portal, Penn Sate WebMail, Web-Based Training, the ITS Secure Server, downloads.its.psu.edu, the NFS to PASS Gateway, and the Inside ITS Web site. Likewise, many units throughout Penn State use WebAccess for their respective internal Web sites/intranets. Support for Friends of Penn State (FPS) accounts was made available in May 2005.

Publications

Resources

CoSign: Secure, Intra-Institutional Web Authentication

Penn State WebAccess Help/Info Page

Primary ET Contact

Renee Shuey RShuey@psu.edu

Collaborators

Applied Information Technologies (AIT) ASET, a unit of ITS.

Expected Deliverable(s)

WebAccess is now a production-level service. Please refer to the Penn State WebAccess Help/Info Page for more information.

Level of ET Involvement

WebAccess has moved to AIT entirely. Please refer to the AIT Web site for more information.

Initiative Start Date

October 2002