© Blackboard, Inc. © Northwestern University All rights reserved.

Delivering New Data Types With Plone:A Building Block for Versatile Content Management

Patricia Goldweic, Brian NielsenNorthwestern University

2

Abstract

» Northwestern University has developed a Blackboard Building Block that offers users a versatile open source content management system called Plone. Plone provides workflow capabilities and extensible content types to allow unique functionalities for Blackboard users. Using Plone as the image repository, an image zooming and annotation tool will be demonstrated.

3

Session Overview

» Northwestern’s environment and history with Building Blocks

» The Problem: How many times will we have to do this?

» The Application Link Maker B2 and Plone» How does it work? » Demonstration: Plone and Project Pad within

Bb» Q & A

4

About Northwestern University

» Private research university with ~20,000 students,

» Bb customer since early 1999» Learning System, PeopleSoft integration, use of

other Blocks, e.g. SafeAssignment, eLMS

5

NU’s Earlier B2 Development

» The “Depot” block: login integration with a local Xythos system, and document serving in content areas

» The RefWorks block: login integration and provision of bibliographies in content areas

6

NU’s Earlier B2 Development

» The “Depot” block: login integration with a local Xythos system, and document serving in content areas

» The RefWorks block: login integration and provision of bibliographies in content areas

7

How Many Times Will We Have To Do This?» Project Pad toolset in Sakai:

http://projectpad.northwestern.edu

8

Two Possible Solutions

» Link into a more general-purpose tool (but which?)

» Make a more generalized linking mechanism for A VARIETY OF tools

9

Our Answer: the Application Link Maker B2

And . . .

10

Plone: http://plone.org

» An Open Source content management system

» In wide use

» Python-based

» Very flexible

» Well documented and with several service providers

11

Application Link Maker as A General Purpose Single sign-on Mechanism

» Application Link Maker B2 provides 50% of the single sign-on functionality

» Other 50% is provided by a custom authentication ‘module’ (‘tweak’) in the external application that interprets parameters sent in an http request by the B2.

» A trust relationship

12

Exploring the Application Link Maker Side

» Creates secure links to external app carrying user info (user id, course id, etc.) plus a time-based encrypted token

» Encryption done through a Java class created for NU’s B2 (EncryptionUtils)

» The same class (or an appropriate port in a different language) used for both the B2 and the external application

» The Plone integration required porting this class to Python

13

EncryptionUtils.java class

» Important methods:

1. EncryptionUtils(String pass, String id, String algorithm, int delta) - Used on both the building block and the external application

2. public String encrypt() – Used only in building block

3. public boolean verify(String given) – Used only in external application

14

http request

resource location

one-way encryption key

user identity

course identity

timestamp

any other parameters

15

Receiver Processing

confirms valid encryption:

(user identity and timestamp)

logs user on

places user in “course”

16

Package edu.northwestern.at.encryptionutilspackage edu.northwestern.at.encryptionutils;

import java.security.*;import java.util.*;

import edu.northwestern.at.utils.*;import edu.northwestern.at.ntp.NUClockSkewUtils;

/** * * This class implements a simple encryption (hashing) algorithm as follows: * * It provides the ability to: * - Encrypt a (string) password given as additional inputs a user id string, and a MessageDigest algorithm * (method 'encrypt'). The encryption is time-based and it is done using the MessageDigest class in * the JSDK, and using as inputs the string, the user id and the current time. * - Verify whether a given (encrypted) string has been obtained using the previous mechanism and * passes the 'time' test (that is, whether the encryption and verification happen within a restricted * time frame). (method: 'verify). * * * @author Patricia Goldweic */public class EncryptionUtil {

/** This algorithm's password */private String m_pass;

. . . (available, site TBD)

17

18

Q & A