QMWISe, Portals and Single Sign On
I had a great time at the European Users Conference in Amsterdam. Thanks to Stoas for their key role in making this wonderful event happen! Stoas are a learning consultancy based in Holland that provides Questionmark Perception-based solutions to education and business there.
As Questionmark’s integration products owner, I was especially interested to see plenty of sessions that looked at integration issues, from customizing the templates used during assessment delivery right through to integrations with customer portals. I wish I’d had the opportunity during the conference to attend some of the best-practice sessions that were timetabled alongside my own. Fortunately, the conference has a dedicated space on our Community Spaces system and many of the presentations are appearing there so that I can catch up — thank you!
One session I did get an opportunity to go to was a session presented by Stoas themselves on their use of QMWISe (with a bit on templates). QMWISe is the name of our web service application programming interfaces (APIs). With QMWISe, system integrators can link assessment management into their other systems. It also allows programmers to create custom user interfaces to suit their own processes. QMWISe is a key component of our open assessment platform.
I liked the way the presenters talked about how they distinguish between single sign-on and what they described as “single log-on”. Traditionally, single sign-on means a single challenge followed by access to multiple systems. For example, you might be prompted for your user name and password when you log in to your company portal and, from there, access many of your organization’s systems without having to identify yourself again.
With a common, weaker form of single sign-on, the same identity is used across multiple systems even though the user is challenged separately as they access each one. Stoas used the term single log-on when referring to the stronger requirement and demonstrated a system that used QMWISe to obtain a single log-on from a customized learning portal into Questionmark Perception. The presenters went on to show us an interesting dashboard view that used a blend of QMWISe and custom database queries where no suitable API exists (yet!).
The difference between sign-on methods can be quite subtle. I expanded on some of the common models of providing participant access in my own best-practice session. For workers or students with personal computers, a familiar pattern is a “remember me” checkbox. This causes the Web site to store the access credentials in the user’s Web browser as cookies, reducing the need for a single log on. (Windows Authentication on PCs works in a similar way.)
In the future, single-sign-on complexity seems likely to be handled directly by the system administrators who install and configure Web servers. Plug-in modules for web servers are now available that allow an organization to choose from a variety of different authentication systems (also known as “identity providers”) to protect the web applications they host. For on-demand services, standard protocols are emerging that allow customers to link to their chosen identity providers without having to host the Web application at all.
Now I am looking forward to the U.S. 2011 Users Conference, where I hope to hear some more excellent presentations.