Pepperdine University Integrates Its Web Systems with CAS

Case Study

 

Highlights

  • Highlights

  • CAS enables simplified web application development and increased security.

  • CAS provides web application users with an enhanced user experience.

  • CAS can reduce man-hour costs due to less IT Help Desk calls to reset passwords.

Pennant

Pepperdine University

Pepperdine University is a private Christian college that enrolls approximately 7,700 students annually. Pepperdine has grown to be one of the top-ranking universities in the country, instilling in its students a sense of purpose, service, and leadership.

Pepperdine University’s growth has been mirrored by its growing web systems environment across its campuses. The number of web applications continues to rise, including the addition of OmniUpdate’s web content management system (CMS), OU Campus™, in 2002. Prior to 2008, Pepperdine required users to perform individual logins for each application. This was time-consuming and presented security issues, as it required more personal information than necessary to be exchanged with third parties. This also required end users to remember multiple user IDs and passwords, which resulted in a significant amount of calls to the Pepperdine IT Help Desk.

Individual logins for each campus web application were time-consuming and presented security issues.

 

Login Overload

Pepperdine University’s growth has been mirrored by its growing web systems environment across its campuses. The number of web applications continues to rise, including the addition of OmniUpdate’s web content management system (CMS), OU Campus™, in 2002. Prior to 2008, Pepperdine required users to perform individual logins for each application. This was time-consuming and presented security issues, as it required more personal information than necessary to be exchanged with third parties. This also required end users to remember multiple user IDs and passwords, which resulted in a significant amount of calls to the Pepperdine IT Help Desk.

Systems Integration with CAS

In 2008, Pepperdine presented this login issue to OmniUpdate and quickly discovered that OU Campus could be integrated with the Central Authentication Service (CAS) single sign-on protocol. This integration would allow users to log in with one initial user ID and password that would then grant them access to all the applications that use CAS, without having to enter the user ID and password again during a single session. In addition, CAS would allow an application to determine if a user had authenticated, but protect the user’s password from individual applications, allowing for a much more secure computing environment.

How CAS Works

The CAS single sign-on protocol works in a way such that when a user visits an application requiring authentication, the application redirects to a CAS login page. The CAS server validates the user’s authenticity by checking the user ID and password against a database. If the authentication succeeds, CAS then returns the user to the application, passing along a security ticket. The application then validates the ticket by contacting the CAS server over a secure connection and providing its own service identifier and ticket. CAS then gives the application trusted information about whether a particular user has successfully authenticated.

Benefits of CAS

Pepperdine has experienced several benefits from integrating CAS with OU Campus and other web applications. A major benefit is that application developers do not have to write the authentication, session-keeping, or session-ending functions; they are simply called from a standard library. It is easier to write a secure application because extra code is not needed to safeguard the user password. Thus, there is a lower cost of application integration because there is less work needed to make the application compatible and there is less code to write. This ensures consistent and proper handling of all credentials and allows independence from the authentication mechanism, as there is no need to think about whether certificates, passwords, and so forth are used to authenticate. Examples of such applications are iTunesU and Google Apps/Mail, which have been effectively utilized by Pepperdine.

Another benefit of using CAS with OU Campus is ensured security. No passwords are transmitted to the host server, thus personal information and the university network are more secure. Additionally, CAS provides stats that tell you how often users get CAS tickets for OU Campus. The reporting is centralized for compliance adherence. Also, while the CAS session is two hours, the OU Campus session remains independent of the CAS session timeout.

CAS has reduced the man-hour costs associated with password resets.

A Simplified and Secure Solution

Pepperdine has found the integration of CAS with OmniUpdate’s OU Campus to be effective and efficient for the institution’s website and other applications. The security of information and the ease of use have increased, resulting in a better web experience for all users of Pepperdine’s web services. Users are provided with a unified view of authentication and, therefore, multiple logins for various applications are no longer required, making it a much simpler login process. Due to this simplification, Pepperdine has had fewer calls to the IT Help Desk, which has reduced the man-hour costs associated with password resets. In addition, web applications are more accessible, thereby encouraging use for teaching and learning.

Ready to learn more?