| Issue Number | 326 |
|---|---|
| Summary | [Login Page] Revise non-NIH Board Member Instructions |
| Created | 2015-09-15 13:47:00 |
| Issue Type | Task |
| Submitted By | Juthe, Robin (NIH/NCI) [E] |
| Assigned To | alan |
| Status | Closed |
| Resolved | 2016-04-07 14:57:32 |
| Resolution | Fixed |
| Path | /home/bkline/backups/jira/oceebms/issue.170022 |
If we move to using a single username (OCEEBMS-298), we will need to revise the instructions on the login page. I will post specific revisions once we determine how we will be handling the usernames.
We may also want to remove the information about the NIH help desk since we have been routing requests through the Board managers for resolution. Otherwise the Board members are being told they need to complete a notarized form.
Holding off on this ticket while we work on trying to get Federated Login working.
I drafted some instructions and proposed a layout for the new EBMS landing page. Please see attached.
We'll need to update the wording if we end up being able to change the items in the dropdown list ("HHS Login" and "Social Login/Open ID") on the trust page.
How about "... and Social Login/Open ID if you have a Google account which has been registered with the EBMS."?
I have attached a draft Questions and Answers document for our use of OpenID in the EBMS. See "OpenID_QandA.doc"
Some of the answers that I gave are based on direct experience with the system. Some are based on my understanding of how it works, but I have not yet personally tested them, for example, I haven't changed the email address or password on my Google account. So Bob or I or others in the group should be sure each answer has been tested by at least one of us to be sure it's accurate, before we send out a final draft.
A few tweaks:
Click the "I prefer to use my current email address" option ... [the word "option" added]
"The first time that you login NIH will present a web page that asks you to select an NIH staff userid or an OpenID." I would use "log in" instead of "login" (and "user ID" instead of "userid"). Also, this choice is presented every time you log in, not just the first time, I believe. And you're not selecting an ID at this step, you're choosing the method of authentication. How about "Each time you log in the NIH iTrust page will ask you to choose an account type ("HHS Staff" or "Social Login/OpenID")."?
This is really helpful, Alan. Thank you!
I have replaced OpenID_QandA.doc again, fixing a few typos and small errors and implementing Bob's suggested changes.
I've just started work on the new EBMS login page. However JIRA has slowed way down, a cloak of invisibility has descended on the svn server, and gremlins seem to be infesting the network. So I'll call it a night and return to it on Thursday.
It is my recollection that our original plan for the switch from
eDir
to OpenID logins for board members was to happen in a single
change,
i.e., we would bring the system down, turn off eDir access and turn
on
OpenID access, then bring the system back up.
Later there was some discussion of running eDir and OpenID in
parallel
for some period of time to allow more time for board members to
make
the switch.
I'm not sure how that stands at present. If we can do without
parallel operation then I propose that we stick with the original
plan. The main benefits are that we can stop maintaining the eDir
system, and we can implement a single pre-login screen (the one
Robin
designed) to lead users to the NIH authentication gateway instead
of
possibly modifying an already somewhat confusing screen offering
multiple login options, and going through two transitions.
I propose to go ahead with an implementation of the Robin design
login
screen, which we will need when eDir is turned off - whether that
happens right away or not. If we can get away with it, I suggest
that
we stop there and stick with the original plan of turning off eDir
when turning on OpenID.
Is it okay to do that?
I think the original plan of cutting over from eDir to OpenID at one time will work for us. This is how we have explained to our Board members that it will happen, too. I'm sure there will be some/perhaps many that will need to be manually brought over to OpenID after the cutover on Feb 10, but we've let them know that they will temporarily lose access until we have their Google-associated e-mail address. Thanks.
The landing page looks good on old QA.
In the course of testing with the new OpenID authentication process I have learned some new things, mainly about how Google works and how to control how Google manages account information.
In light of that, I have attached a new version of the Q and A document "OpenID_QandA_2.doc". It fixes or clarifies some answers in the original Q&A, adds a number of new questions and answers, and adds a short introduction.
I suggest that this be sent out to users and/or be included in the EBMS online content.
I added a few more tweaks to the Q&A document but kept the name the same, "OpenID_QandA_2.doc".
Added a few tiny corrections to "OpenID_QandA_2.doc".
Verified landing page on PROD.
| File Name | Posted | User |
|---|---|---|
| New EBMS Login Page.doc | 2015-12-10 10:18:47 | Juthe, Robin (NIH/NCI) [E] |
| OpenID_QandA_2.doc | 2016-02-16 17:36:40 | |
| OpenID_QandA.doc | 2015-12-15 22:56:37 |
Elapsed: 0:00:00.000607