If you are responsible for the technical management of an IT system at the University, how you will interact with the Registry depends on what sort data you manage. Because much of the technical detail has yet to be decided, we will just present an overview of what is happening here. Feel free to contact us for further information.
If you maintain authoritative records about a population affiliated with the University, you are what we call a “System of Record”. Systems of Record will be able to send data to the Registry via a real-time (REST) interface or via batch files.
If you are responsible for a system that consumes identity data, you are what we call a “Downstream System”. Downstream Systems will generally not talk to the Registry directly, but will use systems such as CAS and LDAP instead. The general exception will be for systems that will be provisioned from Registry data. For these systems, a real-time messaging queue will be available, as will batch-oriented options.
The Registry is being developed as an open source platform called “OpenRegistry”. You can find out more about this platform here.
Enhanced Single Sign On
We will be making a new version of CAS — called login.rutgers.edu — our preferred method for authenticating members of the community. In addition to replacing cas.rutgers.edu, our intention is for this to ultimately replace LDAP as a means of authentication for most services. Authorization (role) information will be available via login.rutgers.edu, and will provide enhanced detail over currently available information.
We are currently planning to restructure the data in LDAP according to the new data made available by the Registry. If you are currently using ldap.rutgers.edu, you will likely need to transition to the new LDAP servers when available, or better yet switch your application to use login.rutgers.edu (described above).
We are currently investigating the feasibility of merging the Kerberos realms. If you are currently using LDAP or CAS for authentication, this would be a transparent change. However, if you are currently talking to the Kerberos servers directly,contact us so we can keep you informed of further developments.
We are changing the way that data is encoded on the RUconnection ID card, as well as the way that ID card data is passed between systems. If you use ID card data in any way and we have not yet been in touch, please contact us.