My.SanDiego.Edu
We now have a student portal which uses its own single sign-on capability. You can use it instead of the current single sign-on by adding one line of PHP to your web page. In front of the line that includes login.php, add:
<?php $authMySanDiego = true; include('/web/includes/login.php'); ?>
Instead of authenticating directly against our password server, your visitor’s browser will be redirected to the My.SanDiego.Edu portal; if they successfully authenticate, they will be returned to your web page.
The advantages of the My.SanDiego.Edu single sign-on are:
- The single sign-on spans multiple servers without our having to tell browsers to send the security cookie to any server in the sandiego.edu domain. A visitor can sign on to one server, and they are then signed in to all servers that use My.SanDiego.Edu for their authentication.
- The My.SanDiego.Edu system is arguably more secure, because the visitor’s password is only sent to the authentication server; it never passes through the servers that rely on it for authentication.
The disadvantages of the My.SanDiego.Edu single sign-on are:
- It does not provide any extended information about the visitor; it returns only the visitor's username. It does not return whether the visitor is faculty, staff, or student, for example. We may add that information into login.php, but we'll need to have discussions about the security implications of returning such information without having a valid password to authorize it.
Custom login
Because of the way that My.SanDiego.Edu works, $customLogin can only log in to the WWW single sign-on, not the My.SanDiego.Edu one. If you have $customLogin set, the system will accept a My.SanDiego.Edu login if the visitor is already logged in there; but if they are not, and you provide your own login form, they will only be logged in to WWW. Other sites at USD will still require a login.
Custom groups and user lists
This plugin can compare My.SanDiego.Edu logins against custom allow lists and group allow lists. Set them up just as you do for the standard single sign-on.
However, you cannot use the portal and also check against the official groups: the portal does not return whether a login belongs to faculty, staff, student, or any of the other groups.
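As an added example (not code from this page or from login.php itself), here is a page that opts into the portal sign-on and then enforces a locally maintained role list, since the portal returns only the username. It assumes login.php leaves the portal-returned username in a variable named $authUser; that name, and the sample users, are assumptions, not something the page states.

```php
<?php
// Added example (not the page's own code). Opt this page into the
// My.SanDiego.Edu portal single sign-on before including login.php.
$authMySanDiego = true;
include('/web/includes/login.php');

// ASSUMPTION: login.php leaves the portal-returned username in $authUser.
// The real variable name is not given on the page; adjust to match login.php.
$username = isset($authUser) ? strtolower(trim($authUser)) : '';

// The portal returns only the username, so faculty/staff/student membership
// must be kept locally. Deny by default: a username missing from the map
// has no role at all.
$localRoles = array(
    'jdoe'   => array('staff'),              // constructed sample entries
    'asmith' => array('faculty', 'advisor'),
);

function userHasRole($username, $role, array $roleMap) {
    if ($username === '' || !isset($roleMap[$username])) {
        return false;
    }
    return in_array($role, $roleMap[$username], true);
}

if (!userHasRole($username, 'staff', $localRoles)) {
    // Record the refusal server-side; the visitor only sees a generic 403.
    error_log("My.SanDiego.Edu SSO: access denied for '" . $username
        . "' on " . $_SERVER['REQUEST_URI']);
    header('HTTP/1.1 403 Forbidden');
    echo 'You are signed in, but this page is limited to staff.';
    exit;
}
?>
<p>Welcome, <?php echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8'); ?>.</p>
```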
