© blackboard, inc. © northwestern university all rights reserved. delivering new data types with...
Post on 17-Dec-2015
213 Views
Preview:
TRANSCRIPT
© Blackboard, Inc. © Northwestern University All rights reserved.
Delivering New Data Types With Plone:A Building Block for Versatile Content Management
Patricia Goldweic, Brian NielsenNorthwestern University
2
Abstract
» Northwestern University has developed a Blackboard Building Block that offers users a versatile open source content management system called Plone. Plone provides workflow capabilities and extensible content types to allow unique functionalities for Blackboard users. Using Plone as the image repository, an image zooming and annotation tool will be demonstrated.
3
Session Overview
» Northwestern’s environment and history with Building Blocks
» The Problem: How many times will we have to do this?
» The Application Link Maker B2 and Plone» How does it work? » Demonstration: Plone and Project Pad within
Bb» Q & A
4
About Northwestern University
» Private research university with ~20,000 students,
» Bb customer since early 1999» Learning System, PeopleSoft integration, use of
other Blocks, e.g. SafeAssignment, eLMS
5
NU’s Earlier B2 Development
» The “Depot” block: login integration with a local Xythos system, and document serving in content areas
» The RefWorks block: login integration and provision of bibliographies in content areas
6
NU’s Earlier B2 Development
» The “Depot” block: login integration with a local Xythos system, and document serving in content areas
» The RefWorks block: login integration and provision of bibliographies in content areas
7
How Many Times Will We Have To Do This?» Project Pad toolset in Sakai:
http://projectpad.northwestern.edu
8
Two Possible Solutions
» Link into a more general-purpose tool (but which?)
» Make a more generalized linking mechanism for A VARIETY OF tools
9
Our Answer: the Application Link Maker B2
And . . .
10
Plone: http://plone.org
» An Open Source content management system
» In wide use
» Python-based
» Very flexible
» Well documented and with several service providers
11
Application Link Maker as A General Purpose Single sign-on Mechanism
» Application Link Maker B2 provides 50% of the single sign-on functionality
» Other 50% is provided by a custom authentication ‘module’ (‘tweak’) in the external application that interprets parameters sent in an http request by the B2.
» A trust relationship
12
Exploring the Application Link Maker Side
» Creates secure links to external app carrying user info (user id, course id, etc.) plus a time-based encrypted token
» Encryption done through a Java class created for NU’s B2 (EncryptionUtils)
» The same class (or an appropriate port in a different language) used for both the B2 and the external application
» The Plone integration required porting this class to Python
13
EncryptionUtils.java class
» Important methods:
1. EncryptionUtils(String pass, String id, String algorithm, int delta) - Used on both the building block and the external application
2. public String encrypt() – Used only in building block
3. public boolean verify(String given) – Used only in external application
14
http request
resource location
one-way encryption key
user identity
course identity
timestamp
any other parameters
15
Receiver Processing
confirms valid encryption:
(user identity and timestamp)
logs user on
places user in “course”
16
Package edu.northwestern.at.encryptionutilspackage edu.northwestern.at.encryptionutils;
import java.security.*;import java.util.*;
import edu.northwestern.at.utils.*;import edu.northwestern.at.ntp.NUClockSkewUtils;
/** * * This class implements a simple encryption (hashing) algorithm as follows: * * It provides the ability to: * - Encrypt a (string) password given as additional inputs a user id string, and a MessageDigest algorithm * (method 'encrypt'). The encryption is time-based and it is done using the MessageDigest class in * the JSDK, and using as inputs the string, the user id and the current time. * - Verify whether a given (encrypted) string has been obtained using the previous mechanism and * passes the 'time' test (that is, whether the encryption and verification happen within a restricted * time frame). (method: 'verify). * * * @author Patricia Goldweic */public class EncryptionUtil {
/** This algorithm's password */private String m_pass;
. . . (available, site TBD)
17
18
Q & A
top related