Zeroth Click Andrew Petro JA-SIG Atlanta, December 4, 2006 © Copyright Unicon, Inc., This work is the intellectual property of Unicon, Inc. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of Unicon, Inc. To disseminate otherwise or to republish requires written permission from Unicon, Inc.
You are missing out on It’s the Enterprise, Dude A Community Source Notification System Integration of Version Control and Code Migration Processes
This presentation Ideas, hints, and patterns for high-value unauthenticated portal experiences.
Meet your speaker Andrew Petro Previously with Yale University –Technology and Planning Now at Unicon, Inc. –“Academus Development Lead”
uPortal is really cool Pluggable authN Flexible attribute collection Agile Groups Nuanced permissions Powerful layout capabilities Adjectives dripping all over the place
uPortal is really cool Pluggable authN Flexible attribute collection Agile Groups Nuanced permissions Powerful layout capabilities Adjectives dripping all over the place
All this coolness requires AuthN If only you would log in, all these wonderful things could follow It’s a lot like Marley being dead to begin with.
If only you would log in We’d know who you are We’d have attributes about you We’d know what groups you’re in We’d know what permissions you have We could build your layout
Rutgers baked this into a strategy Keys to Portal Success: –Hire a vendor (no joke!) –Focus on the logged in user experience Heroics to eliminate the guest user and replace with a static page
Wow, this is a short presentation In conclusion, for anything cool to happen, the users gotta login. So, like, encourage them to do it.
Andrew Petro Questions?
Well Maybe we can do something interesting with the guest page…
Logging in is over rated
Look ma, no login
Why? Headlines Headlines
Why? Events Events
Full Disclosure Not implemented as directly uP rendering But it could have been PHP integrations are not a bad thing
Some coolness *doesn’t* require AuthN Universities are brimming with public information, events, discoveries, announcements that are not secret
No one wants a portal Very few users have the goal of accessing the portal They have the goal of getting heads up information, accessing services Portal as tool to accomplish those goals If you can solve that goal in fewer clicks or with less overhead, you probably should. No bonus points for extra pain, after all.
Gaining adoption and logins High value services when logged in Opportunity to put information in front of student eyeballs Sometimes, even hold some coolness back
Network Registration
*Reducing* logins Say what? Control the load Especially at the highest usage moments Control the “burstyness”
Guest user What you get when you’re not logged in Can still proxy and aggregate Can still cache
ICacheable Cache keys can be –User scoped –System scoped
Idea: special URLs for accessing the portal Browser provides hint –Campus cluster computer homepage? –Different links depending on where you come from?
Yale SAM Kiosks Service and Maintenance employees
Susan Bramhall is here She did most of the work and can speak to implementation details And how this has worked out over time (And tell her to be in the JA-SIG “speed dating” rotation next conference so she can spread the word about this)
Tricks to be had here Genuinely multiple guest users Re-use a regular user account with preferences locked down
Considering the remote address Hints as to on-campus, off-campus, where on campus Like the special URL tricks?
Remote address as parameter to remote feeds?
Cookies “Remember me on this computer”?
Remember Me Amazon.com approach “Mostly logged in” –Think of it as weak authN –Until you do something sufficiently important –At which point you more strongly authenticate
“Echo user” idea User that gets my layout Has some of my user attributes as cached Is member of “presumed-Student” etc. groups DLM degrades layout appropriately given degraded permissions
An echo of a user
CAS has some neat outcomes here Portal cannot proxy an authentication you don’t have So content that requires strong authentication to go get data from elsewhere –Fails gracefully? –Well, can fail gracefully –DLM dropping unauthorized content –CError extension
Implementing Well, remember that uPortal is really cool…
uPortal is really cool Pluggable authN Flexible attribute collection Agile Groups Nuanced permissions Powerful layout capabilities Adjectives dripping all over the place
Pluggable Authentication So plug in AuthN that considers “remember- me” cookies or remote address or hint URLs.
Pluggable attribute sources So plug in sources that draw attributes from cache And filter / merge strategies that appropriately filter the cache?
Pluggable groups So create some less-certain echo groups?
Echo groups Everyone LikelyStudents Students
Permissions can cope with this Yes, this adds complexity (More on that shortly) But uPortal permissions *can* model this How do you want the experience to degrade? –What am I allowed to see and do when I’m only weakly authenticated?
Powerful layout capabilities Degrade just-in-time appropriately Control which layout portions you get when weakly authenticated
Sobering thoughts Don’t run out and implement this It’s something to think about Tradeoff of complexity / more nuanced user experience But even if you don’t go implement these use cases –Demonstrates the power of the platform
Making login less painful Single Sign On –CAS –Others
Bootstrapping a CAS login CAS “gateway” parameter allows trying for a “freebie” CAS login *without* CAS interrupting flow with login screen
Gateway Tells CAS to redirect back without a ticket if one cannot be acquired non-interactively (e.g., via an established SSO session). Allows you to provide the best user experience possible under the circumstances.
Public Portal
Authenticated Portal
First request to the portal
CASify all requests
Login Screen
But I just wanted the weather…
Needlessly locking public information
Effective use of Gateway 1)Authenticated, personalized content 2)Public, generic content 3)Login screen
Many opportunities with uPortal Compelling user experiences, whether –Unauthenticated –Weakly authenticated –Strongly authenticated uPortal can start delivering value from the zeroth click
Andrew Petro Questions?