Western WebLogin Service
What is Western WebLogin Service?
Western WebLogin Service provides central authentication for web-based services and applications. The Western WebLogin Service allows applications (service providers) to authenticate users using their Western credentials, without having to maintain their own password system.
Supported Authentication Protocols
- CAS (Central Authentication Service) supports CAS 2 and CAS 3 protocols.
- Shibboleth supports the SAML2 protocol
How Do I Implement the Western WebLogin Service?
- First, submit a Technology Risk Assessment (TRA) for your application. Details about the TRA can be found at Information Security Technology Risk Assessment
- Determine if your application supports CAS or Shibboleth. WTS strongly recommends using CAS
- Upon completion of TRA, complete the WebLogin Authentication Request form in Jira Service Desk, to begin the process.
Additional Important Items
- Logging Out
- Western WebLogin stores information in the user's web browser, using a feature called cookies. Remind users to close the browser for a complete logout.
- Authentication vs Authorization
- Western WebLogin provides authentication services, determining if a user's credentials are valid.
- It is the responsibility of the application to perform authorization, determining if a user is allowed to use the application.
- Western WebLogin has the ability to send attributes (ie. username, role (staff, student, etc), Active Directory group membership) about a user to aid the application in authorization.
Published on and maintained in Cascade.