Home » forums » SCT Banner Integration

Banner Channels security

Submitted by mchokshi on Wed, 2010-03-10 17:56

Hi All:

 

 At Old Dominion University, we are trying to implement Banner Channels. We have already configured the middle tier and SSO for them and they are working fine. But we are baffled with the security concern and we would like to have input from the community members. I have attached a file "https_popup.jpg". This file suggests that if we implement the full-SSL on the portal, then we receive the pop-up errors for the mixed content. We have mixed content because we retrieve the information from various places other than portal and content will have https as well http traffic together.

 

If we implement the partial SSL as shown in "start.jpg", then we have some data that are not secured and personal information will be visible over the wire. The red circle on both the files suggests the potential pit falls for different implementation.

 

Do not forget that our SSO are secured. And we are talking about the real content inside the Banner Channels.

 

Question:

 

 (1) How do other schools with middle-tier implementation have achieved compromise in both the situation?

 

 Any insights will be helpful.

 

Thanks,

 

Milind

‹ customizing error messages in luminis for banner delivered channels Novell Identity Management and Banner ›

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Webtailor params

Submitted by ToddTrann on Wed, 2010-03-10 19:15.

In Banner table wtailor.twgbparm, check these parameters:

  • CPBASEURL
  • CSSURL

We have a CPBASEURL that starts with https, and a CSSURL that is relative, not absolute.

We also used to receive some errors about mixed content before we change to https for our CPBASEURL.  Note that we switched the single sign-on from Luminis to Banner over to SSL, which is where we started seeing these errors a couple of years ago.

Todd

Syndicate content