SlideShare a Scribd company logo

Google Apps @ Cambridge - What we did

Download as KEY, PDF
Jon Warbrick
Jon Warbrick

Google Apps was deployed at the University of Cambridge to provide calendar functionality to over 40,000 users across 100 departments and 32 colleges. A Java-based single sign-on application called gAuth was created to integrate Google authentication with the University's existing Raven authentication system. While rollout went smoothly, ongoing issues included conflicting accounts and support responsibilities. Usage grew steadily, with unique daily and monthly users increasing since the October 2010 launch.

TechnologyBusiness
1 of 29
Google Apps @ Cambridge What we did Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk / @jw35
The University of Cambridge 100+ departments 32 colleges 40,000 users “A loose affiliation of warring fiefdoms”
Handy building blocks • University Computing Service • even if it doesn’t set policy • User Administration Database • Raven: Web Authentication system • including a Shibboleth IdP • A 2008 UCS trial of Google Apps
What do we want? A Calendar! Perhaps other things, later...
To stay within the law http://www.cam.ac.uk/cs/googleapps/google-apps-cambridge-contract.pdf Photo: CC BY-SA 2.0 Steve Punter http://www.flickr.com/photos/spunter/3363326374/
General Plan • Google Apps for Education • but just Calendar to start with • Use cam.ac.uk domain • Web SSO using Raven • Automatically available to everyone • Minimum ongoing staff involvement • Rollout September, for October, 2010
Web authentication
Web authentication
Web authentication SAML SSO service gAuth
Web authentication SAML SSO service gAuth
Web authentication SAML SSO service gAuth
gAuth • Based on Google example Java SAML code • SAML, but not Shibboleth • Java Webapp, runs in Tomcat • And some other things ...
Account creation gAuth
Account creation gAuth
Account creation gAuth Provisioning API
Account creation gAuth Provisioning API
Click-through T&C
Mail confirmation
Non-web authentication Shush! ‘Token’ == ‘Password’
Account management gAuth Raven feed User admin. database reconcile- reconcile- admin google Status: Google •[Unknown] •Current •Blacklisted •Cancelled •[Deleted]
Implementation • gAuth: Java webapp in Tomcat • Batch processing: Java run by cron (!) • (Live/stanby) pair of VMs on Xen cluster • Local Postgress database; Slony1 replication • Manual service address transition
Plain sailing? • Account issues • Pre-existing cam.ac.uk domain • ‘g’ ‘o’ ‘o’ ‘g’ ‘l’ ‘e’ not allowed in domain names • Calendar sync, iPhones and other mobile devices • Support. Do you or don’t you? Photo: CC BY 2.0 sailorbill http://www.flickr.com/photos/sailorbill/2435667146/
Account Issues • Conflicting accounts • Google apps vs. Google consumer • foo@cam.ac.uk != foo@cam.ac.uk • The ‘New Authentication Architecture’ transition • Conflicting accounts renamed • Loss of multiple login • The 62 ‘other’ Google services Photo: CC BY 2.0 sailorbill http://www.flickr.com/photos/sailorbill/2435667146/
Deployed October 2010 Number of Accounts http://www-uxsup.csx.cam.ac.uk/~jw35/google-usage/
Deployed October 2010 Unique users per day http://www-uxsup.csx.cam.ac.uk/~jw35/google-usage/
Deployed October 2010 Unique users per month http://www-uxsup.csx.cam.ac.uk/~jw35/google-usage/
“Prediction is very hard, especially about the future.” Niels Bohr • Groups? • Google Docs? • The 62 ‘Other Google Services’? Photo: © Copyright Stephen Craven and licensed for reuse under this Creative Commons Licence
Any questions?
Any questions? Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk / @jw35

Recommended

React for .net developers
React for .net developersReact for .net developers
React for .net developers
macsdickinson
 
ReactJS.NET - Fast and Scalable Single Page Applications
ReactJS.NET - Fast and Scalable Single Page ApplicationsReactJS.NET - Fast and Scalable Single Page Applications
ReactJS.NET - Fast and Scalable Single Page Applications
Rick Beerendonk
 
JavaScript innovaties: ECMAScript 6 & 7
JavaScript innovaties: ECMAScript 6 & 7JavaScript innovaties: ECMAScript 6 & 7
JavaScript innovaties: ECMAScript 6 & 7
Rick Beerendonk
 
Introduction to ReactJS
Introduction to ReactJSIntroduction to ReactJS
Introduction to ReactJS
Jarosław Jaryszew
 
IBM and Node.js - Old Doge, New Tricks
IBM and Node.js - Old Doge, New TricksIBM and Node.js - Old Doge, New Tricks
IBM and Node.js - Old Doge, New Tricks
Dejan Glozic
 
React.js - and how it changed our thinking about UI
React.js - and how it changed our thinking about UIReact.js - and how it changed our thinking about UI
React.js - and how it changed our thinking about UI
Marcin Grzywaczewski
 
Vue.jsをはじめる
Vue.jsをはじめるVue.jsをはじめる
Vue.jsをはじめる
Reo Mori
 
Automation: The Power of Workflows
Automation: The Power of WorkflowsAutomation: The Power of Workflows
Automation: The Power of Workflows
William McKee
 

Recommended

React for .net developers
React for .net developersReact for .net developers
React for .net developers
macsdickinson
 
ReactJS.NET - Fast and Scalable Single Page Applications
ReactJS.NET - Fast and Scalable Single Page ApplicationsReactJS.NET - Fast and Scalable Single Page Applications
ReactJS.NET - Fast and Scalable Single Page Applications
Rick Beerendonk
 
JavaScript innovaties: ECMAScript 6 & 7
JavaScript innovaties: ECMAScript 6 & 7JavaScript innovaties: ECMAScript 6 & 7
JavaScript innovaties: ECMAScript 6 & 7
Rick Beerendonk
 
Introduction to ReactJS
Introduction to ReactJSIntroduction to ReactJS
Introduction to ReactJS
Jarosław Jaryszew
 
IBM and Node.js - Old Doge, New Tricks
IBM and Node.js - Old Doge, New TricksIBM and Node.js - Old Doge, New Tricks
IBM and Node.js - Old Doge, New Tricks
Dejan Glozic
 
React.js - and how it changed our thinking about UI
React.js - and how it changed our thinking about UIReact.js - and how it changed our thinking about UI
React.js - and how it changed our thinking about UI
Marcin Grzywaczewski
 
Vue.jsをはじめる
Vue.jsをはじめるVue.jsをはじめる
Vue.jsをはじめる
Reo Mori
 
Automation: The Power of Workflows
Automation: The Power of WorkflowsAutomation: The Power of Workflows
Automation: The Power of Workflows
William McKee
 
ProtoPie with Electron
ProtoPie with ElectronProtoPie with Electron
ProtoPie with Electron
Scotty Kim
 
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Stephen Chin
 
Munchkin
MunchkinMunchkin
Munchkin
Jaewe Heo
 
Moving to the Client - JavaFX and HTML5
Moving to the Client - JavaFX and HTML5Moving to the Client - JavaFX and HTML5
Moving to the Client - JavaFX and HTML5
Stephen Chin
 
Building API in the cloud using Azure Functions
Building API in the cloud using Azure FunctionsBuilding API in the cloud using Azure Functions
Building API in the cloud using Azure Functions
Aleksandar Bozinovski
 
Gatsby v2: Faster build times, guess.js, and more!
Gatsby v2: Faster build times, guess.js, and more!Gatsby v2: Faster build times, guess.js, and more!
Gatsby v2: Faster build times, guess.js, and more!
Gatsbyjs
 
Reactjs workshop
Reactjs workshop Reactjs workshop
Reactjs workshop
Ahmed rebai
 
Gwtcreatekeynote
GwtcreatekeynoteGwtcreatekeynote
Gwtcreatekeynote
Ray Cromwell
 
Web app job and functions - TUGAIT 2017
Web app job and functions - TUGAIT 2017Web app job and functions - TUGAIT 2017
Web app job and functions - TUGAIT 2017
Steef-Jan Wiggers
 
Rp 6 session 2 naresh bhatia
Rp 6 session 2 naresh bhatiaRp 6 session 2 naresh bhatia
Rp 6 session 2 naresh bhatia
sapientindia
 
Building solutions with the SharePoint Framework - introduction
Building solutions with the SharePoint Framework - introductionBuilding solutions with the SharePoint Framework - introduction
Building solutions with the SharePoint Framework - introduction
Waldek Mastykarz
 
Welcome to Wijmo 5
Welcome to Wijmo 5Welcome to Wijmo 5
Welcome to Wijmo 5
Chris Bannon
 
Intro to Azure Webjobs
Intro to Azure WebjobsIntro to Azure Webjobs
Intro to Azure Webjobs
Shahriar Hossain
 
AngularJS
AngularJSAngularJS
AngularJS
twopoint718
 
Azkaban
AzkabanAzkaban
Azkaban
Anatoliy Nikulin
 
Code First with Serverless Azure Functions
Code First with Serverless Azure FunctionsCode First with Serverless Azure Functions
Code First with Serverless Azure Functions
Jeremy Likness
 
Front End Optimization, 'The Cloud' can help you!
Front End Optimization, 'The Cloud' can help you!Front End Optimization, 'The Cloud' can help you!
Front End Optimization, 'The Cloud' can help you!
Marco Vito Moscaritolo
 
Intro to React
Intro to ReactIntro to React
Intro to React
Jamal Sinclair O'Garro
 
Web view
Web viewWeb view
Web view
YAMANE Toshiaki
 
Lessons from IPv6 Day
Lessons from IPv6 DayLessons from IPv6 Day
Lessons from IPv6 Day
Jon Warbrick
 
Web Authenication with Shibboleth - a view from the Flat East
Web Authenication with Shibboleth - a view from the Flat EastWeb Authenication with Shibboleth - a view from the Flat East
Web Authenication with Shibboleth - a view from the Flat East
Jon Warbrick
 
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
riadamarrakech6834
 

More Related Content

What's hot

ProtoPie with Electron
ProtoPie with ElectronProtoPie with Electron
ProtoPie with Electron
Scotty Kim
 
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Stephen Chin
 
Munchkin
MunchkinMunchkin
Munchkin
Jaewe Heo
 
Moving to the Client - JavaFX and HTML5
Moving to the Client - JavaFX and HTML5Moving to the Client - JavaFX and HTML5
Moving to the Client - JavaFX and HTML5
Stephen Chin
 
Building API in the cloud using Azure Functions
Building API in the cloud using Azure FunctionsBuilding API in the cloud using Azure Functions
Building API in the cloud using Azure Functions
Aleksandar Bozinovski
 
Gatsby v2: Faster build times, guess.js, and more!
Gatsby v2: Faster build times, guess.js, and more!Gatsby v2: Faster build times, guess.js, and more!
Gatsby v2: Faster build times, guess.js, and more!
Gatsbyjs
 
Reactjs workshop
Reactjs workshop Reactjs workshop
Reactjs workshop
Ahmed rebai
 
Gwtcreatekeynote
GwtcreatekeynoteGwtcreatekeynote
Gwtcreatekeynote
Ray Cromwell
 
Web app job and functions - TUGAIT 2017
Web app job and functions - TUGAIT 2017Web app job and functions - TUGAIT 2017
Web app job and functions - TUGAIT 2017
Steef-Jan Wiggers
 
Rp 6 session 2 naresh bhatia
Rp 6 session 2 naresh bhatiaRp 6 session 2 naresh bhatia
Rp 6 session 2 naresh bhatia
sapientindia
 
Building solutions with the SharePoint Framework - introduction
Building solutions with the SharePoint Framework - introductionBuilding solutions with the SharePoint Framework - introduction
Building solutions with the SharePoint Framework - introduction
Waldek Mastykarz
 
Welcome to Wijmo 5
Welcome to Wijmo 5Welcome to Wijmo 5
Welcome to Wijmo 5
Chris Bannon
 
Intro to Azure Webjobs
Intro to Azure WebjobsIntro to Azure Webjobs
Intro to Azure Webjobs
Shahriar Hossain
 
AngularJS
AngularJSAngularJS
AngularJS
twopoint718
 
Azkaban
AzkabanAzkaban
Azkaban
Anatoliy Nikulin
 
Code First with Serverless Azure Functions
Code First with Serverless Azure FunctionsCode First with Serverless Azure Functions
Code First with Serverless Azure Functions
Jeremy Likness
 
Front End Optimization, 'The Cloud' can help you!
Front End Optimization, 'The Cloud' can help you!Front End Optimization, 'The Cloud' can help you!
Front End Optimization, 'The Cloud' can help you!
Marco Vito Moscaritolo
 
Intro to React
Intro to ReactIntro to React
Intro to React
Jamal Sinclair O'Garro
 
Web view
Web viewWeb view
Web view
YAMANE Toshiaki
 

What's hot (19)

ProtoPie with Electron
ProtoPie with ElectronProtoPie with Electron
ProtoPie with Electron
 
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
Moving to the Client - JavaFX and HTML5 (PowerPoint Version)
 
Munchkin
MunchkinMunchkin
Munchkin
 
Moving to the Client - JavaFX and HTML5
Moving to the Client - JavaFX and HTML5Moving to the Client - JavaFX and HTML5
Moving to the Client - JavaFX and HTML5
 
Building API in the cloud using Azure Functions
Building API in the cloud using Azure FunctionsBuilding API in the cloud using Azure Functions
Building API in the cloud using Azure Functions
 
Gatsby v2: Faster build times, guess.js, and more!
Gatsby v2: Faster build times, guess.js, and more!Gatsby v2: Faster build times, guess.js, and more!
Gatsby v2: Faster build times, guess.js, and more!
 
Reactjs workshop
Reactjs workshop Reactjs workshop
Reactjs workshop
 
Gwtcreatekeynote
GwtcreatekeynoteGwtcreatekeynote
Gwtcreatekeynote
 
Web app job and functions - TUGAIT 2017
Web app job and functions - TUGAIT 2017Web app job and functions - TUGAIT 2017
Web app job and functions - TUGAIT 2017
 
Rp 6 session 2 naresh bhatia
Rp 6 session 2 naresh bhatiaRp 6 session 2 naresh bhatia
Rp 6 session 2 naresh bhatia
 
Building solutions with the SharePoint Framework - introduction
Building solutions with the SharePoint Framework - introductionBuilding solutions with the SharePoint Framework - introduction
Building solutions with the SharePoint Framework - introduction
 
Welcome to Wijmo 5
Welcome to Wijmo 5Welcome to Wijmo 5
Welcome to Wijmo 5
 
Intro to Azure Webjobs
Intro to Azure WebjobsIntro to Azure Webjobs
Intro to Azure Webjobs
 
AngularJS
AngularJSAngularJS
AngularJS
 
Azkaban
AzkabanAzkaban
Azkaban
 
Code First with Serverless Azure Functions
Code First with Serverless Azure FunctionsCode First with Serverless Azure Functions
Code First with Serverless Azure Functions
 
Front End Optimization, 'The Cloud' can help you!
Front End Optimization, 'The Cloud' can help you!Front End Optimization, 'The Cloud' can help you!
Front End Optimization, 'The Cloud' can help you!
 
Intro to React
Intro to ReactIntro to React
Intro to React
 
Web view
Web viewWeb view
Web view
 

Viewers also liked

Lessons from IPv6 Day
Lessons from IPv6 DayLessons from IPv6 Day
Lessons from IPv6 Day
Jon Warbrick
 
Web Authenication with Shibboleth - a view from the Flat East
Web Authenication with Shibboleth - a view from the Flat EastWeb Authenication with Shibboleth - a view from the Flat East
Web Authenication with Shibboleth - a view from the Flat East
Jon Warbrick
 
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
riadamarrakech6834
 
Fri5 35
Fri5 35Fri5 35
Fri5 35medism
 
Gedragsbeinvloeding training
Gedragsbeinvloeding trainingGedragsbeinvloeding training
Gedragsbeinvloeding training
Julian Leijser
 
Regulamento açoriano
Regulamento açorianoRegulamento açoriano
Regulamento açoriano
diario_catarinense
 
Independent research task – waterloo road
Independent research task – waterloo roadIndependent research task – waterloo road
Independent research task – waterloo road
Joel Ryan
 
135. verdadera oración
135. verdadera oración135. verdadera oración
135. verdadera oración
fomtv
 
Job Hunting
Job HuntingJob Hunting
Job Hunting
Tamer Elshamy
 
Mb logo
Mb logoMb logo
Mb logo
Olenka Steciw Villarreal
 
Global entry strategies global p s of marketing
Global entry strategies global p s of marketingGlobal entry strategies global p s of marketing
Global entry strategies global p s of marketing
Sourav Karmakar
 
Ferrocarril en india para presentar
Ferrocarril en india para presentarFerrocarril en india para presentar
Ferrocarril en india para presentar
ci31315epj
 
MMA - Massiivisen Moninpelattavat Animet
MMA - Massiivisen Moninpelattavat AnimetMMA - Massiivisen Moninpelattavat Animet
MMA - Massiivisen Moninpelattavat Animet
Tracon
 
김인수 - 인터넷 포털기업에서 디자인하기
김인수 - 인터넷 포털기업에서 디자인하기김인수 - 인터넷 포털기업에서 디자인하기
김인수 - 인터넷 포털기업에서 디자인하기
Changshin Park
 
Pesaing pow
Pesaing powPesaing pow
Pesaing pow
Nanda Diocta Prabowo
 
FEL Position Paper
FEL Position PaperFEL Position Paper
FEL Position Paper
chitlesh
 
Availability & access of e resources in au
Availability & access of e resources in auAvailability & access of e resources in au
Availability & access of e resources in au
Kishor Satpathy
 
Taller iglekids 1
Taller iglekids 1Taller iglekids 1
Taller iglekids 1
adelisj
 
[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam
[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam
[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam
Appota Group
 

Viewers also liked (19)

Lessons from IPv6 Day
Lessons from IPv6 DayLessons from IPv6 Day
Lessons from IPv6 Day
 
Web Authenication with Shibboleth - a view from the Flat East
Web Authenication with Shibboleth - a view from the Flat EastWeb Authenication with Shibboleth - a view from the Flat East
Web Authenication with Shibboleth - a view from the Flat East
 
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
L'information superieure pour 2013 sur des programmes futes d'hotel de Marrak...
 
Fri5 35
Fri5 35Fri5 35
Fri5 35
 
Gedragsbeinvloeding training
Gedragsbeinvloeding trainingGedragsbeinvloeding training
Gedragsbeinvloeding training
 
Regulamento açoriano
Regulamento açorianoRegulamento açoriano
Regulamento açoriano
 
Independent research task – waterloo road
Independent research task – waterloo roadIndependent research task – waterloo road
Independent research task – waterloo road
 
135. verdadera oración
135. verdadera oración135. verdadera oración
135. verdadera oración
 
Job Hunting
Job HuntingJob Hunting
Job Hunting
 
Mb logo
Mb logoMb logo
Mb logo
 
Global entry strategies global p s of marketing
Global entry strategies global p s of marketingGlobal entry strategies global p s of marketing
Global entry strategies global p s of marketing
 
Ferrocarril en india para presentar
Ferrocarril en india para presentarFerrocarril en india para presentar
Ferrocarril en india para presentar
 
MMA - Massiivisen Moninpelattavat Animet
MMA - Massiivisen Moninpelattavat AnimetMMA - Massiivisen Moninpelattavat Animet
MMA - Massiivisen Moninpelattavat Animet
 
김인수 - 인터넷 포털기업에서 디자인하기
김인수 - 인터넷 포털기업에서 디자인하기김인수 - 인터넷 포털기업에서 디자인하기
김인수 - 인터넷 포털기업에서 디자인하기
 
Pesaing pow
Pesaing powPesaing pow
Pesaing pow
 
FEL Position Paper
FEL Position PaperFEL Position Paper
FEL Position Paper
 
Availability & access of e resources in au
Availability & access of e resources in auAvailability & access of e resources in au
Availability & access of e resources in au
 
Taller iglekids 1
Taller iglekids 1Taller iglekids 1
Taller iglekids 1
 
[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam
[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam
[Mobile Day HCM] Lessons Learn from Top Mobile App in Vietnam
 

Similar to Google Apps @ Cambridge - What we did

Google Apps - SSO and Identity Management at the University of Cambridge
Google Apps - SSO and Identity Management at the University of CambridgeGoogle Apps - SSO and Identity Management at the University of Cambridge
Google Apps - SSO and Identity Management at the University of Cambridge
Jon Warbrick
 
Android lessons you won't learn in school
Android lessons you won't learn in schoolAndroid lessons you won't learn in school
Android lessons you won't learn in school
Michael Galpin
 
2015 jcconf-h2s-devops-practice
2015 jcconf-h2s-devops-practice2015 jcconf-h2s-devops-practice
2015 jcconf-h2s-devops-practice
Hochi Chuang
 
DEFCON 23 - Nadeem Douba - Using WebKit to Own the Web
DEFCON 23 - Nadeem Douba - Using WebKit to Own the WebDEFCON 23 - Nadeem Douba - Using WebKit to Own the Web
DEFCON 23 - Nadeem Douba - Using WebKit to Own the Web
Felipe Prado
 
DEFCON-23-Nadeem-Douba-BurpKit
DEFCON-23-Nadeem-Douba-BurpKitDEFCON-23-Nadeem-Douba-BurpKit
DEFCON-23-Nadeem-Douba-BurpKit
Nadeem Douba
 
Cloud Study Jam_ Google Cloud Essentials Event Slides.pptx
Cloud Study Jam_ Google Cloud Essentials Event Slides.pptxCloud Study Jam_ Google Cloud Essentials Event Slides.pptx
Cloud Study Jam_ Google Cloud Essentials Event Slides.pptx
AkashSrivastava519152
 
Devfest09 App Engine Java
Devfest09 App Engine JavaDevfest09 App Engine Java
Devfest09 App Engine Java
Chris Schalk
 
What's New for the Windows Azure Developer? Lots! (July 2013)
What's New for the Windows Azure Developer? Lots! (July 2013)What's New for the Windows Azure Developer? Lots! (July 2013)
What's New for the Windows Azure Developer? Lots! (July 2013)
Michael Collier
 
Defcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPDefcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCP
Netskope
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
CloudVillage
 
Exploiting IAM in GCP
Exploiting IAM in GCPExploiting IAM in GCP
Exploiting IAM in GCP
Colin Estep
 
Angular2 + AWS Lambdaでサーバサイドレンダリングしてみた
Angular2 + AWS LambdaでサーバサイドレンダリングしてみたAngular2 + AWS Lambdaでサーバサイドレンダリングしてみた
Angular2 + AWS Lambdaでサーバサイドレンダリングしてみた
暁 三宅
 
Cloud computing benefits start-up companies
Cloud computing benefits start-up companiesCloud computing benefits start-up companies
Cloud computing benefits start-up companies
Sang-il Jung
 
Agile startup company management and operation
Agile startup company management and operationAgile startup company management and operation
Agile startup company management and operation
Jiang Zhu
 
淺談 Startup 公司的軟體開發流程 v2
淺談 Startup 公司的軟體開發流程 v2淺談 Startup 公司的軟體開發流程 v2
淺談 Startup 公司的軟體開發流程 v2
Wen-Tien Chang
 
Azure and web sites hackaton deck
Azure and web sites hackaton deckAzure and web sites hackaton deck
Azure and web sites hackaton deck
Alexey Bokov
 
State of the Web
State of the WebState of the Web
State of the Web
Dmitry Buzdin
 
App Engine Overview Cloud Futures Publish
App Engine Overview Cloud Futures PublishApp Engine Overview Cloud Futures Publish
App Engine Overview Cloud Futures Publish
Chris Schalk
 
CactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCPCactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCP
Colin Estep
 
Sg conference multiplatform_apps_adam_stanley
Sg conference multiplatform_apps_adam_stanleySg conference multiplatform_apps_adam_stanley
Sg conference multiplatform_apps_adam_stanley
n_adam_stanley
 

Similar to Google Apps @ Cambridge - What we did (20)

Google Apps - SSO and Identity Management at the University of Cambridge
Google Apps - SSO and Identity Management at the University of CambridgeGoogle Apps - SSO and Identity Management at the University of Cambridge
Google Apps - SSO and Identity Management at the University of Cambridge
 
Android lessons you won't learn in school
Android lessons you won't learn in schoolAndroid lessons you won't learn in school
Android lessons you won't learn in school
 
2015 jcconf-h2s-devops-practice
2015 jcconf-h2s-devops-practice2015 jcconf-h2s-devops-practice
2015 jcconf-h2s-devops-practice
 
DEFCON 23 - Nadeem Douba - Using WebKit to Own the Web
DEFCON 23 - Nadeem Douba - Using WebKit to Own the WebDEFCON 23 - Nadeem Douba - Using WebKit to Own the Web
DEFCON 23 - Nadeem Douba - Using WebKit to Own the Web
 
DEFCON-23-Nadeem-Douba-BurpKit
DEFCON-23-Nadeem-Douba-BurpKitDEFCON-23-Nadeem-Douba-BurpKit
DEFCON-23-Nadeem-Douba-BurpKit
 
Cloud Study Jam_ Google Cloud Essentials Event Slides.pptx
Cloud Study Jam_ Google Cloud Essentials Event Slides.pptxCloud Study Jam_ Google Cloud Essentials Event Slides.pptx
Cloud Study Jam_ Google Cloud Essentials Event Slides.pptx
 
Devfest09 App Engine Java
Devfest09 App Engine JavaDevfest09 App Engine Java
Devfest09 App Engine Java
 
What's New for the Windows Azure Developer? Lots! (July 2013)
What's New for the Windows Azure Developer? Lots! (July 2013)What's New for the Windows Azure Developer? Lots! (July 2013)
What's New for the Windows Azure Developer? Lots! (July 2013)
 
Defcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPDefcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCP
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
 
Exploiting IAM in GCP
Exploiting IAM in GCPExploiting IAM in GCP
Exploiting IAM in GCP
 
Angular2 + AWS Lambdaでサーバサイドレンダリングしてみた
Angular2 + AWS LambdaでサーバサイドレンダリングしてみたAngular2 + AWS Lambdaでサーバサイドレンダリングしてみた
Angular2 + AWS Lambdaでサーバサイドレンダリングしてみた
 
Cloud computing benefits start-up companies
Cloud computing benefits start-up companiesCloud computing benefits start-up companies
Cloud computing benefits start-up companies
 
Agile startup company management and operation
Agile startup company management and operationAgile startup company management and operation
Agile startup company management and operation
 
淺談 Startup 公司的軟體開發流程 v2
淺談 Startup 公司的軟體開發流程 v2淺談 Startup 公司的軟體開發流程 v2
淺談 Startup 公司的軟體開發流程 v2
 
Azure and web sites hackaton deck
Azure and web sites hackaton deckAzure and web sites hackaton deck
Azure and web sites hackaton deck
 
State of the Web
State of the WebState of the Web
State of the Web
 
App Engine Overview Cloud Futures Publish
App Engine Overview Cloud Futures PublishApp Engine Overview Cloud Futures Publish
App Engine Overview Cloud Futures Publish
 
CactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCPCactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCP
 
Sg conference multiplatform_apps_adam_stanley
Sg conference multiplatform_apps_adam_stanleySg conference multiplatform_apps_adam_stanley
Sg conference multiplatform_apps_adam_stanley
 

More from Jon Warbrick

Dunbar's Number, and what it means to the UIS
Dunbar's Number, and what it means to the UISDunbar's Number, and what it means to the UIS
Dunbar's Number, and what it means to the UIS
Jon Warbrick
 
The 'New [University of Cambridge] Map
The 'New [University of Cambridge] MapThe 'New [University of Cambridge] Map
The 'New [University of Cambridge] Map
Jon Warbrick
 
Syndicated content on your web pages
Syndicated content on your web pagesSyndicated content on your web pages
Syndicated content on your web pages
Jon Warbrick
 
Lessons fro IPv6 day, 2011
Lessons fro IPv6 day, 2011Lessons fro IPv6 day, 2011
Lessons fro IPv6 day, 2011
Jon Warbrick
 
An introduction to Version Control Systems
An introduction to Version Control SystemsAn introduction to Version Control Systems
An introduction to Version Control Systems
Jon Warbrick
 
(Why) Passwords don't work
(Why) Passwords don't work(Why) Passwords don't work
(Why) Passwords don't work
Jon Warbrick
 
State of the Raven
State of the RavenState of the Raven
State of the Raven
Jon Warbrick
 

More from Jon Warbrick (7)

Dunbar's Number, and what it means to the UIS
Dunbar's Number, and what it means to the UISDunbar's Number, and what it means to the UIS
Dunbar's Number, and what it means to the UIS
 
The 'New [University of Cambridge] Map
The 'New [University of Cambridge] MapThe 'New [University of Cambridge] Map
The 'New [University of Cambridge] Map
 
Syndicated content on your web pages
Syndicated content on your web pagesSyndicated content on your web pages
Syndicated content on your web pages
 
Lessons fro IPv6 day, 2011
Lessons fro IPv6 day, 2011Lessons fro IPv6 day, 2011
Lessons fro IPv6 day, 2011
 
An introduction to Version Control Systems
An introduction to Version Control SystemsAn introduction to Version Control Systems
An introduction to Version Control Systems
 
(Why) Passwords don't work
(Why) Passwords don't work(Why) Passwords don't work
(Why) Passwords don't work
 
State of the Raven
State of the RavenState of the Raven
State of the Raven
 

Recently uploaded

Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
LucaBarbaro3
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Tatiana Kojar
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
saastr
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
HarisZaheer8
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
Pravash Chandra Das
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 

Recently uploaded (20)

Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStrDeep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
AWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptxAWS Cloud Cost Optimization Presentation.pptx
AWS Cloud Cost Optimization Presentation.pptx
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 

Google Apps @ Cambridge - What we did

  • 1. Google Apps @ Cambridge What we did Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk / @jw35
  • 2. The University of Cambridge 100+ departments 32 colleges 40,000 users “A loose affiliation of warring fiefdoms”
  • 3. Handy building blocks • University Computing Service • even if it doesn’t set policy • User Administration Database • Raven: Web Authentication system • including a Shibboleth IdP • A 2008 UCS trial of Google Apps
  • 4. What do we want? A Calendar! Perhaps other things, later...
  • 5. To stay within the law http://www.cam.ac.uk/cs/googleapps/google-apps-cambridge-contract.pdf Photo: CC BY-SA 2.0 Steve Punter http://www.flickr.com/photos/spunter/3363326374/
  • 6. General Plan • Google Apps for Education • but just Calendar to start with • Use cam.ac.uk domain • Web SSO using Raven • Automatically available to everyone • Minimum ongoing staff involvement • Rollout September, for October, 2010
  • 9. Web authentication SAML SSO service gAuth
  • 10. Web authentication SAML SSO service gAuth
  • 11. Web authentication SAML SSO service gAuth
  • 12. gAuth • Based on Google example Java SAML code • SAML, but not Shibboleth • Java Webapp, runs in Tomcat • And some other things ...
  • 15. Account creation gAuth Provisioning API
  • 16. Account creation gAuth Provisioning API
  • 19. Non-web authentication Shush! ‘Token’ == ‘Password’
  • 20. Account management gAuth Raven feed User admin. database reconcile- reconcile- admin google Status: Google •[Unknown] •Current •Blacklisted •Cancelled •[Deleted]
  • 21. Implementation • gAuth: Java webapp in Tomcat • Batch processing: Java run by cron (!) • (Live/stanby) pair of VMs on Xen cluster • Local Postgress database; Slony1 replication • Manual service address transition
  • 22. Plain sailing? • Account issues • Pre-existing cam.ac.uk domain • ‘g’ ‘o’ ‘o’ ‘g’ ‘l’ ‘e’ not allowed in domain names • Calendar sync, iPhones and other mobile devices • Support. Do you or don’t you? Photo: CC BY 2.0 sailorbill http://www.flickr.com/photos/sailorbill/2435667146/
  • 23. Account Issues • Conflicting accounts • Google apps vs. Google consumer • foo@cam.ac.uk != foo@cam.ac.uk • The ‘New Authentication Architecture’ transition • Conflicting accounts renamed • Loss of multiple login • The 62 ‘other’ Google services Photo: CC BY 2.0 sailorbill http://www.flickr.com/photos/sailorbill/2435667146/
  • 24. Deployed October 2010 Number of Accounts http://www-uxsup.csx.cam.ac.uk/~jw35/google-usage/
  • 25. Deployed October 2010 Unique users per day http://www-uxsup.csx.cam.ac.uk/~jw35/google-usage/
  • 26. Deployed October 2010 Unique users per month http://www-uxsup.csx.cam.ac.uk/~jw35/google-usage/
  • 27. “Prediction is very hard, especially about the future.” Niels Bohr • Groups? • Google Docs? • The 62 ‘Other Google Services’? Photo: © Copyright Stephen Craven and licensed for reuse under this Creative Commons Licence
  • 29. Any questions? Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk / @jw35

Editor's Notes

  1. Introduce self\nQuestions welcome as-and-when\nA SSO and IdM case study. About May->September 2010\n
  2. University of Cambridge is an unusual place - some of this may not apply to you\n
  3. We do have some useful building blocks\nNote that we didn’t use Shib (will explain why later)\n
  4. Have e-mail, websites\nDon’t have Docs equivalent, or chat, but don’t have any demand either\nDo have demand for a calendar - go for that as ‘extended pilot’\n
  5. Notably:\nData Transfer outside EEA – DPA 8th principle - Compliance with Safe Harbor principles\nUser's Privacy & Data Processing – DPA 7th principle:\n Use of customer data only in connection with provision of service\n Measures against unauthorised access\npostmaster@ & abuse@ addresses\n\n\n
  6. Use of cam.ac.uk domain a nod to possible future gmail\n
  7. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  8. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  9. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  10. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  11. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  12. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  13. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  14. ANNIMATION\ngAuth is an ‘invisible’ service, hence dotted outline\nAll this is ‘old’ hat’ web redirection authentication\nMost of this is invisible to users\n
  15. Google code now marked ‘deprecated’, but what we used earlier\nDidn’t use Raven Shib because a) still 1.3; and b) needs ‘special’ config; and c)wanted to do other things\nHaving our T&Cs was useful for DPA etc. compliance\n\n
  16. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  17. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  18. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  19. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  20. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  21. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  22. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  23. ANNIMATION\nOn the way back through gAuth, having worked out who we have\nCreate if doesn’t exits, update else\nCreate seems to work reliabably (slightly to my surprise!) \nJava version of API, to integrate with gAuth SSO code\n\n
  24. \n
  25. \n
  26. Also wanted/needed to support non-Web access\nVery like ‘application-specific passwords’ in new Two-step verification\nBorrowed ‘Token’ idea from eduroam - always retrievable\n
  27. Need to clean up departed users (DPA if nothing else)\n Except our users tend to come back!\nLoss of Raven not good enough --> because of Token\nForced into gAuth database to store retrievable token \nMain gAuth code also enforces consistency\n\n
  28. Not Heartbeat because of Slony issues\n
  29. Account issues expanded on the next slide\ncam.ac.uk was ‘Comunity Managed’ edition\n a problem because a) users might have left; and b) included Docs/Sites\n couldn’t check departed users till agreement signed\nWanted to use google.cam.ac.uk to allow for mslive.cam.ac.uk. Couldn’t.\nStill some re-authentication problems on iPhone. Caching?\nDon’t under-estimate the support cost, if you provide support\n
  30. Turned out that quite a lot of people (20%) had conflicting accounts\nNew Auth Arch hit soon after launch, transitioned May 2011\nBig problem with the 62 is where email address is meaningfull - e.g. Google Groups\n
  31. \n
  32. Note Saturday/Sunday\n
  33. The theory is that we are not picking up many new users\n
  34. \n
  35. \n