Go to SCD News table of contents

Go to UCAR home pageGo to NCAR home pageGo to SCD home pageGo to SCD News home pageGo to SCD internal pagesGo to SCD News home pageGo to Features archiveGo to News archiveGo to Tips archiveGo to Updates archive SCD News > News item: August 16, 2001

Access changes for protected documents on UCAR websites

Simplifies and enhances UCAR's web security infrastructure

Password prompt

 

 

Starting the week of 20 August 2001, you will need to use your UCAR gatekeeper password to access any protected document on a UCAR webserver. (This is the same password UCAR staff now use to access their time cards.)

Most of these protected documents have the word "internal" somewhere in their URL, but there are some additional protection methods. All of these old protection methods are being replaced by a single method that is already familiar to staff.

This change puts protected web pages in compliance with UCAR's cleartext password ban, and it simplifies and enhances UCAR's web security infrastructure. This change affects anyone who accesses, creates, or maintains any of UCAR's protected web pages. The change will occur throughout the week of 20 August, as the DNS changes propagate through the Internet.

For more information about UCAR's August 2001 security restrictions, see the SCD News article Security perimeter tightens.

Benefits

All authenticated accesses to the webserver will be done using a single, familiar method, regardless of the network you are using (either inside or outside the UCAR security perimeter). This will be less confusing for users who access protected websites from multiple networks.

All major web browsers will now be supported. (We have only been able to support Netscape in the past.) The only limitations are that the browser must accept cookies and support SSL (Secure Sockets Layer).

The centralized authentication (gatekeeper) database will be used for the new system. This is familiar to UCAR staff because they use this same database to access the UCAR time card system on the web.

Costs

You will have to accept a security certificate from the UCAR webserver on each computer and for each browser you use to access protected documents. Then you enter your UCAR login id and your gatekeeper password when you access a protected document, even from your office inside the UCAR security perimeter. You should only have to log in to the protected document at most once every four hours per browser session. When you exit your browser session, or when your browser cache is cleared, you will have to log in again.

For more information, contact the SCD Digital Information Group at dig@ucar.edu.

SCD News   ||  UCAR  ||  NCAR   ||   SCD   ||   Contact us   ||  Search
NCAR is managed by UCAR and sponsored by the National Science Foundation