WIND Authentication Client Guide
   Next

WIND Authentication Client Guide

CUIT Research and Development Group

<cuit-wind@columbia.edu>

$Date: 2006/08/23 13:57:21 $

Table of Contents

What is WIND?
Sequence of Events for Standard Login
Responsibilities
Login Screen
Client Requests to WIND
Authentication (Login)
Validation
XML-Format Response Details
Logout
Affiliations
Sample Code Repository
Advanced Features: Proxiable Credentials
Proxiable Credentials: Implementation Details
The Actors
Sequence of Events
Proxy Client Requests to WIND
Authentication (Login)
Validation/PGT Request
Proxy Ticket Request
Proxy Ticket Validation
Requesting WIND Service for Your Application
Basic Information (Required)
Login Screen Settings (Optional)
Advanced Options

What is WIND?

WIND is a web authentication system which will verify that a person using a web browser can authenticate using a UNI. A "UNI" is a username in Columbia's Kerberos authentication system.

WIND was developed in order to allow web application developers to confirm a visitor's affiliation with Columbia without ever directly requesting a Columbia password. In order to authenticate, the visitor is redirected to Columbia's central secure web server.

The design of WIND closely follows the Yale Central Authentication System (CAS). Some features have been added to meet local needs, and to allow us to replace legacy web authentication methods. WIND implements a modified version of the new CAS 2.0 protocol, allowing for proxiable credentials for use by portals, as well as some improvements over the earlier WIND version.

   Next
   Sequence of Events for Standard Login