Authportal User Documentation

• Introduction to Authportal
• Steps Required to Use Authportal
• Supported Web Browsers
• Glossary of Technical Terms
• Frequently Asked Questions About Authportal (FAQ)

Introduction to Authportal

The Informatics Web Authentication Portal (commonly referred to as Authportal) is the only web site that Informatics Users (this includes visitors and those taking any informatics courses) should trust with their Informatics username and password. Logging into the Authportal will give the user a time limited Client User Certificate that can be used to access protected web sites within the School of Informatics.

A user's experience of using the Informatics Web Authentication Portal will differ slightly depending on where they are using the Authportal from. DICE users for example will never have to use authportal web site directly as DICE Workstations will automatically log users into Authportal when they login to their workstation.

The next section Steps Required to Use Authportal gives a step by step walk-through for the user to follow while using the Authportal.

Steps Required to Use Authportal

1. Preparing to Use Authportal (Accepting the Server Certificate)
2. Logging on to Authportal (Getting Your Client User Certificate)
3. Logging on to an Authportal Protected Site

Step 1: Preparing to use Authportal (Accepting the Server Certificate)

The first thing you must do before using the Authportal itself is instruct your web browser to accept the Server Certificate that Authportal uses. This step is only required if you are not using either a EUCS Open-access Computing Laboratory Workstation , or a DICE Workstation. These workstations will already have the University of Edinburgh Root Certificate already installed which will automatically cause the web browser to accept the Authportal Server Certificate. If you are using such a workstation you should proceed to Step 2.

If you are still reading this step then you are probably using a non University of Edinburgh computer and need to either install the University of Edinburgh Root Certificate, or manually accept the Server Certificate that is presented to you when you first connect to the Informatics Web Authentication Portal. Each of these two options are described below:

Installing the University of Edinburgh Root Certificate

This is the preferred option and in the end should make things simpler for you as a user. See the Why do I need to install the University of Edinburgh Root Certificate? entry in the Authportal FAQ for more information.

The procedure for installing the University of Edinburgh Root Certificate is described here. Once you have successfully installed the University of Edinburgh Root Certificate you can proceed to Step 2.

Manually Accepting the Authportal Server Certificate

If for whatever reason you do not want to install the University of Edinburgh Root Certificate, then you can instead manually accept the Server Certificate presented by the Informatics Web Authentication Portal.

Note that the description below walks through manually accepting the Authportal Server Certificate using the Internet Explorer web browser. Other web browsers will however display similar messages when going through this process.

To do this you simply visit the Informatics Web Authentication Portal with your web browser. When you do this, if you haven't installed the University of Edinburgh Root Certificate, a Security Alert dialog will pop up that looks like this if you are using Internet Explorer:

Selecting the View Certificate option then pops up a Certificate dialog that displays information about the Server Certificate that the Authportal is presenting to you: Once you are happy that the certificate seems to be in order, i.e. the information you see is similar to that displayed in the images above, you can close the Certificate dialog and select the Yes button in the Security Alert dialog mentioned above.

You have now manually accepted the Authportal Server Certificate and can proceed to Step 2.

Step 2: Logging on to Authportal (Getting Your Client User Certificate)

Now that your Internet Explorer is set up to trust the Authportal Server Certificate, the next step is to connect to the Informatics Web Authentication Portal itself. To do this, follow this link.

You should now see a page that looks something like this: Click the Login link to proceed to the Authportal login page itself. The login page should look something like this:

You should now enter your University of Edinburgh Username (UUN) and your School of Informatics Password and click Submit. In Internet Explorer this will cause a Potential Scripting Violation dialog to appear: This is simply your Internet Explorer warning you that the Authportal site is doing something that you might not have expected. In this case this is what we expect so it is safe to click Yes and proceed.

The main Internet Explorer window will now change to indicate that it has started downloading your Client User Certificate: Prior to actually storing the Client User Certificate though Internet Explorer will again check that this is what you want to do. The following Potential Scripting Violation dialog will pop up asking you if you want to let the Authportal add the Client User Certificate to your web browser: This is what you need to be able to login to Authportal protected sites and the certificate has come from a trusted web site so it is safe to click Yes. The Internet Explorer window will now update to indicate that you have successfully logged into Authportal and that the Client User Certificate has been successfully installed into Internet Explorer: You can now proceed to Step 3.

Step 3: Logging on to an Authportal Protected Site

You should now have your Client User Certificate from Step 2 and you should understand how to get Internet Explorer to trust a University of Edinburgh Server Certificate from having gone through Step 1. You can now proceed to actually using an Authportal protected web site.

At the time of writing the following web sites are protected by the Informatics Web Authentication Portal authentication technology:

• Informatics Web Submission System

When you connect to one of these sites Internet Explorer will pop up a Client Authentication dialog asking you to select which Client User Certificate it should present to the web site you are connecting to: Select the certificate that you received from the Informatics Web Authentication Portal and click Ok to proceed. Internet Explorer should now enter the site you are trying to access. For specific help on using one of the Authportal protected web sites you should see the user documentation for that site. The Informatics Computing Systems page is a good place to start when looking for further information about any Informatics service. For further assistance you should refer to the Informatics Computing Support page.

Supported Web Browsers

At present the following web browsers are supported by the Informatics Web Authentication Portal:

Browser	Version
Mozilla	1.6 or later.
Firefox	0.9 or later.
Internet Explorer	6 or later.

Note that you will also need to have client side scripting and cookies enabled.

Glossary of Technical Terms

Client User Certificate

A form of digital identification. It can be thought of as a digital idenity card that when presented will allow its holder to access a certain web site or service. Web browsers usually handle looking after certificates for the user by storing them in a kind of virutal key-chain. Like many real identity cards, there is a time limit on how long the certificate is valid for.

Server Certificate

Just as a user can have a Client User Certificate to identify the user to the service or website they are connecting to, the server running the service or website can have a certificate to identify itself to the user. Think of it as a security guard having to show you proof of identification too. In this example, the security guard is actually the web server your web browser is connecting to.