Currently, I have a business web site (abc.com) that has a secured section that requires each user to logon with a specific userid and password. We have several hundred users. <br /><br />The secured page that displays contains links to other web sites of companies we do business with, and each of those web sites have their own set of userid/password. <br /><br />We've created a PERL script that we associate to each of the links. This PERL script will look up the userid and password used to logon to our site, and determine the appropriate userid and password for the next site to pass along in the redirect link.<br /><br />Now here's the problem ... these other web sites are requiring that the password used to access THEIR site be changed every 30-60 days. Since we have hundreds of users that logon to our site, we need to come up with a way of somewhat automating this process.<br /><br />Any ideas?<!--content-->
Hi.<br /><br />It sounds like you have a lot of sub systems that don't talk to each other. I can understand the isues you are having because of it.<br /><br />I'll assume that there's no way to merge the sign-in processes between these systems.<br /><br />Given that, you could write another Perl script "ID/Password" manager. Make the system that you admistrate require a new password every 30-60 days (the smallest common denominator of all the sites) and create an ID management system that will take the passwords and syncronize them.<br /><br />So, every 30 days the system would prompt the user for a new password. Your ID management system would then go to all the other systems that are managed and change the password there as well, keeping them all syncronized.<br /><br />Sounds like an interesting challenge. Good luck!<!--content-->
Thanks. <br /><br />Yes, the other systems are not under our control, and each is different in their processes. Our web site is essentially acting as a middle man. The users that access our web site may be assigned access to 2,3, or up to 6 different web sites. So rather them having to remember the userid and password for each of these other web sites, they only have to rember one (ours!) and go to our web site first. They neither see nor know the userid/password that has been assigned to them on these other web sites.<br /><br />For other users (other than ours) that go directly to these end web sites, they will get prompted when its time to change their password. Since we logon for them automatically, they never should see the prompt to change their password.<br /><br />A lot to think about ... just trying to gather some different options!<!--content-->
Oi vey!<br /><br />Breaking it down conceptually....<br /><br />With your existing system, when a person signs up, do you manage the initial creation of the userids and passwords on the remote systems? If so, is that scripted? Then maybe you can keep some kind of date information that will automatically change the password of each user before the existing one would expire, and store that new information.<br /><br />Basically, if there's a way for you, through your scripts, to change the password for each site that requires it, that sounds like it would be the easiest, assuming the end user never needs to know what that password is. And maybe just run a cron every day that checks for what users need passwords updated on what sites. That would then hopefully negate the need for your script to be smart enough to handle "your password is about to expire" complexities.<br /><br />Anyway, just some thoughts.<!--content-->
Appreciate the input. This is not going to be either easy or quick. Each of the other web sites do their own thing and have their own processes. So whatever we come up with will have to be tweaked for each.<br /><br />What I'm hoping right now is that I can get each remote web site to generate a file of userid's whose passwords are coming due to be changed, and then hopefully forward back to them a new file with suerid, old password and new password for them to apply on their side.<br /><br />Thanks, again!<!--content-->
The requirements sounds like single sign on to me. Look for those special purpose commercial software. They have servers that work together. Basically, each server only knows about the details of its own users. When passing a user to another site, the servers chat. All the target server knows is that a user is coming, and a partner server has authenticated who he is.<br /><br />Without these software, maintaning the id/pwd is maddening.<!--content-->
Hi.<br /><br />It sounds like you have a lot of sub systems that don't talk to each other. I can understand the isues you are having because of it.<br /><br />I'll assume that there's no way to merge the sign-in processes between these systems.<br /><br />Given that, you could write another Perl script "ID/Password" manager. Make the system that you admistrate require a new password every 30-60 days (the smallest common denominator of all the sites) and create an ID management system that will take the passwords and syncronize them.<br /><br />So, every 30 days the system would prompt the user for a new password. Your ID management system would then go to all the other systems that are managed and change the password there as well, keeping them all syncronized.<br /><br />Sounds like an interesting challenge. Good luck!<!--content-->
Thanks. <br /><br />Yes, the other systems are not under our control, and each is different in their processes. Our web site is essentially acting as a middle man. The users that access our web site may be assigned access to 2,3, or up to 6 different web sites. So rather them having to remember the userid and password for each of these other web sites, they only have to rember one (ours!) and go to our web site first. They neither see nor know the userid/password that has been assigned to them on these other web sites.<br /><br />For other users (other than ours) that go directly to these end web sites, they will get prompted when its time to change their password. Since we logon for them automatically, they never should see the prompt to change their password.<br /><br />A lot to think about ... just trying to gather some different options!<!--content-->
Oi vey!<br /><br />Breaking it down conceptually....<br /><br />With your existing system, when a person signs up, do you manage the initial creation of the userids and passwords on the remote systems? If so, is that scripted? Then maybe you can keep some kind of date information that will automatically change the password of each user before the existing one would expire, and store that new information.<br /><br />Basically, if there's a way for you, through your scripts, to change the password for each site that requires it, that sounds like it would be the easiest, assuming the end user never needs to know what that password is. And maybe just run a cron every day that checks for what users need passwords updated on what sites. That would then hopefully negate the need for your script to be smart enough to handle "your password is about to expire" complexities.<br /><br />Anyway, just some thoughts.<!--content-->
Appreciate the input. This is not going to be either easy or quick. Each of the other web sites do their own thing and have their own processes. So whatever we come up with will have to be tweaked for each.<br /><br />What I'm hoping right now is that I can get each remote web site to generate a file of userid's whose passwords are coming due to be changed, and then hopefully forward back to them a new file with suerid, old password and new password for them to apply on their side.<br /><br />Thanks, again!<!--content-->
The requirements sounds like single sign on to me. Look for those special purpose commercial software. They have servers that work together. Basically, each server only knows about the details of its own users. When passing a user to another site, the servers chat. All the target server knows is that a user is coming, and a partner server has authenticated who he is.<br /><br />Without these software, maintaning the id/pwd is maddening.<!--content-->