Versions Compared

Version Old Version 57 New Version 58
Changes made by

Baron Fujimoto

mhodges

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Connecting to LDAP is referred to as binding.
  • You cannot bind to LDAP anonymously, credentials are required.
    • You must request a special DN in order to bind per UH Data Governance policies.
    • Special DNs are only granted when CAS (the UH Web Login Service) will not suffice.
    • Special DN requests are subject to E2.215 and may require a Data Governance approval.

...

Warning
titleCAS recommended as an alternative to LDAP

Consider CAS (the UH Login Service) as the preferred and highly recommended alternative to using LDAP for authentication where feasible. Why use CAS?

Security

  • Passwords are hidden from the app; the app does not have to be be responsible for handling passwords securely
  • CAS supports enhanced security with multi-factor authentication (MFA) via DUO

Convenience

  • No login for subsequent apps if SSO is allowed

Consistency

  • One official login page for all of UH

...