next up previous contents
Next: Customisation Up: WP 2 - Ease Previous: WP 2 - Ease   Contents

Add Users

In addition to using the built-in CHEF and Sakai configurations in which it is very easy to add new users, we carried out two tests to show that CHEF and Sakai can be integrated with existing user management systems.

Lancaster AuthN Integration

CHEF's login mechanism has been modified to use Lancaster University's LDAP directory interface for the primary means of authentication with the CHEF internal database-backed system being used as a secondary method. This means that any user, be they student or staff, can log straight into CHEF using their standard network username and password. LDAP is a very commonly used to hold institutional people data, such as names, addresses, roles and passwords and many tools exist to handle LDAP data, often by the LDIF conversion format. Because of this familiarity the Globus Grid middleware developers used it for their MDS information model with referral between multiple LDAP directories.

The piggy backing of an LDAP directory lookup on CHEF's default mechanism like this means that we can also authenticate external ReDReSS users by adding them to the CHEF user database. The CHEF documentation gives some guidance on how to achieve this. This is what we did:

  1. Created a java class that implements the interface PiggybackUdp You need to implement all of the methods, including the lookup methods, so that they query your institution's LDAP directory implementation. The Udp doesn't just authenticate users, it is used during worksite creation, see Section B.3, to check that the participants are known to the CHEF software. This gives a degree of referential integrity to the worksite creation process, so this is why the lookup methods are also important. The CHEF documentation recommends that this go in a 'plugin' sub-package.
  2. Modified the 'compile' target in CHEF's build.xml file so that the new class is compiled into the CHEF Web application's class tree.
  3. Modified the file in src/conf by changing the plugin component class SampleUserDirectoryProvider to the fully qualified name of the newly implemented class.

Lancaster Student Records System Integration

Lancaster uses a student records system called LUSI. This is based on a Microsoft SQL database with a Windows front end for report presentation. It was not possible to gain direct access to this system for the evaluation, so a similar test database has been created. This was linked to a CHEF service called StudentRecordsService which has three methods, getCourseList(), getStudentList() and getTeacherList(), the latter two of which take a course id as their sole parameter. This was wired into the Turbine framework using the CHEF configuration files. To permit the adding of a course worksite the UmiacClient functionality was replaced with calls to the custom StudentRecordsService. This was done, within the SiteAction class, by modifying the finishCourseSite() and addNewSite() methods.

The ability to link into people records systems such as this would be very beneficial in the creation of a VRE. Many researchers access large-scale facilities, such as ISIS, SRS, CLF and HPCx at CCLRC or Jodrell Bank and CSAR at Manchester. Currently all these facilities have diverse records systems for their users.

next up previous contents
Next: Customisation Up: WP 2 - Ease Previous: WP 2 - Ease   Contents
Rob Allan 2005-05-09