The “Early Alert System” of SSP is meant to provide a means of tracking students as they are coached with tasks and goals to help ensure their educational success.
Basic Functionality: Essentially, the workflow for the Roster/SSP Early Alert integration should work like this:
1. Roster will have an Icon for each student that will link the user to the SSP Early Alert system.
- User will be linked by way of a separate window
- User will be authenticated (See SSO below)
- Student information will be populated with the student information from the roster.
Single Sign On Strategy (SSO) The workflow for the SSO strategy will follow a temporary token pattern.
1. When a user clicks the icon essentially starting the process, the origin server will hit the destination server with an encrypted version (md5) of the username, hashed by a shared passphrase.
2. The destination server will return an encrypted URL with a one-time, temporary security token
3. The source server will then match the previous username and send the redirect URL to the
4. This handshake allows the destination to authenticate the client.
Client has existing security roles that SSP will leverage.
- Roles will exist in a client controlled data store accessed remotely by SSP
- Roles will be populated from People Soft in a periodic ETL process determined by client
- Format for role data store will be documented and communicated to Unicon for retrieval from
an application in SSP system.