USD Logo MySanDiego | Libraries | Bookstore | Find People | A to Z Index | Resources | Jobs
 Prospective Students | Current Students | Alumni | Faculty & Employees | Visitors | International
Advanced
Search
About USDAdmissionsAcademicsNews and EventsAdministrationAthleticsGiving

My.SanDiego.Edu

Search Web Development:
Web Development » Web Coding Tips » Single Sign-on » My.SanDiego.Edu

My.SanDiego.Edu

We now have a student portal which uses its own single sign-on capability. You can use it instead of the current single sign-on by adding one line of PHP to your web page. In front of the line that includes login.php, add:

<? $authMySanDiego = true; include('/web/includes/login.php'); ?>

Instead of authenticating directly against our password server, your visitor’s browser will be redirected to the My.SanDiego.Edu portal; if they successfully authenticate, they will be returned to your web page.

The advantages of the My.SanDiego.Edu single sign-on are:

  • The single sign-on spans multiple servers without our having to tell browsers to send the security cookie to any server in the sandiego.edu domain. A visitor can sign on to one server, and they are then signed in to all servers that use My.SanDiego.Edu for their authentication.
  • The My.SanDiego.Edu system is arguably more secure, because the visitor’s password is only sent to the authentication server; it never passes through the servers that rely on it for authentication.

The disadvantages of the My.SanDiego.Edu single sign-on are:

  • It cannot provided levels of access depending on whether a visitor is signed in or not. Once a visitor to your web page is redirected to the My.SanDiego.Edu server to sign in, they are not returned to your page until and unless they have signed in.
  • It does not provide any extended information about the visitor; it returns only the visitor’s username. It does not return whether the visitor is faculty, staff, or student, for example. We may hack that information in to login.php, but we’ll need to have discussions about the security implications of returning such information without having a valid password to authorize it.

Custom login

Because of the way that My.SanDiego.Edu works, $customLogin is ignored: visitors are sent to the portal login page regardless of whether that option is set or not. The visitor won’t get back to your page unless they log in at that site, so there is no use for a custom login form.

Custom groups and user lists

This plugin can compare My.SanDiego.Edu logins against custom allow lists and group allow lists. Set them up just as you do for the standard single sign-on.

However, you cannot use the portal and check against the official groups: the portal does not return whether a login belongs to faculty, staff, student, or any of the other groups.

About USD | Admissions | Academics | News & Events | Administration | Athletics | Giving
Help | Equal Opportunity Policy | USD Web Privacy Policy | Contact Us
 ©2007 USD. All rights reserved.

University of San Diego, 5998 Alcalá Park, San Diego, CA 92110  (619) 260-4600

Page last updated: Friday, August 10, 2007