Penn Community Authorization
Authorization Scripts
ISC already provides authentication service to the University through
the ISC websec online
application module. Authentication is derived from Penn Community using the
PennID. The following generic utilities show the logic necessary to authorize,
or grant sanction to, select subsets of users from within Penn Community.
In order to use this logic
against Penn
Community, you must have access to the underlying tables. You may
obtain
this
access
by
submitting
a
request form to
ISC-AIT/Data Administration.
Each utility can be utilized to select a specific
population from within Penn Community (i.e., students only, staff/faculty
only, staff/faculty/students)
and return
a Boolean value to the initiating process.
Function Name |
Script Name |
Input Parameters and type |
Return Type |
Function Description |
| isActiveStudent |
isActiveStudent |
PennID/PennKey (varchar2) |
Boolean True/False |
The function takes in the penn_id or
the PennKey as a varchar and checks the affiliation table in Penn Community
for an affiliation_code ‘STU’ (student)
corresponding to that penn_id/PennKey and with an active_code ‘A’.
If a match is found, the function returns True else it returns False. |
| isActiveFacultyStaff |
isActiveFacultyStaff |
PennID/PennKey
(varchar2) |
Boolean True/False |
The function takes in the penn_id or
the PennKey as a varchar and checks the affiliation table in Penn Community
for an affiliation_code of either ‘FAC’ (faculty), ‘STAF’(staff)
or ‘TEMP’ (temporary workers) corresponding to that penn_id/PennKey
and with an active_code ‘A’. If a match is found, the function
returns True else it returns False. |
| isActiveFacultyStaff |
isActiveFacultyStudentStaff |
PennID/PennKey
(varchar2) |
Boolean True/False |
The function takes in the penn_id or
the PennKey as a varchar and checks the affiliation table in Penn Community
for an affiliation_code of either ‘STU’(student), ‘FAC’(faculty), ‘STAF’(staff)
or ‘TEMP’ corresponding to that penn_id/PennKey and with an
active_code ‘A’. If a match is found, the function returns True
else it returns False. |
Wrapper Function
To provide connectivity to other data sources apart from Oracle (e.g.,
VB, Java etc.) three wrapper functions have also been created which return
a character instead of a Boolean value. These functions call the underlying
SQL scripts (which return the boolean value) and translate True to a ‘T’ and
False to an ‘F’ so that it can be used in ODBC and JDBC connections.
Function Name |
Script Name |
Input Parameters and type |
Return Type |
Function Description |
| isActiveStudentTF |
isActiveStudentTF |
PennID/PennKey (varchar2) |
Varchar2 (‘T’/‘F’) |
The function takes in the PennID/PennKey
as a varchar and passes this to the function isActiveStudent, If the
value returned by isActiveStudent is True, a ‘T’ is returned by isActiveStudentTF else an ‘F’ is
returned. |
| isActiveFacultyStaffTF |
isActiveFacultyStaffTF |
PennID/PennKey (varchar2) |
Varchar2 (‘T’/‘F’) |
The function takes in the penn_id/PennKey
as a varchar and passes this to the function isActiveFacultyStaff,
If the value returned by isActiveFacultyStaff is True, a ‘T’ is returned by isActiveFacultyStaffTF else an ‘F’ is
returned. |
| isActiveFacultyStaffTF |
isActiveFacultyStudentStaffTF |
PennID/PennKey varchar2) |
Varchar2 (‘T’/‘F’) |
The function takes in the penn_id/Pennkey
as a varchar and passes this to the function isActiveFacultyStudentStaff,
If the value returned by isActiveFacultyStudentStaff is True, a ‘T’ is returned by isActiveFacultyStudentStaffTF else an ‘F’ is
returned. |
You may use any of the wrapper functions or SQL scripts in your applications.
Clicking on the appropriate Function Name within the tables above will open
a pdf file containing the script. If you wish to use the wrapper function,
also include the SQL authorization script because it will be executed
from within
the wrapper.
The utilities are also available through the penncard.umis.upenn.edu host,
in the Oracle instance pcom. In order to use these functions
directly from
the
comadmin schema,
ISC must
grant
you
execute
privileges.
If you require these privileges, or have trouble viewing the functions and
scripts,
please contact
penncommunity@isc.upenn.edu for assistance.
|
