day 2: recent developments in parliamentary websites, mr. erdinal hendradjaja, parliament, indonesia

World e-Parliament Conference 2016#eParliament28-30 June 2016 // Chamber of Deputies of Chile // Valparaiso

Integrating Application Using Single Sign On (SSO) Indonesian Parliament

Introduction

House of Representativesof The Republic of Indonesia

Secretariat General– IT Specialist

Erdinal Hendradjaja– erdinal@dpr.go.id

Fariza Emra– farizaemra@dpr.go.id

Indonesian ParliamentIT Users

560 MPs

1325 state employees (secretariat)– 20 Bureaus and 63 Departments

>4000 external employees (MP’s Staff)

5000 active users per day (average)– Incl. guest and press

Parliamentary Websitewww.dpr.go.id

Parliamentary WebsitePrevious Challenges

Public demand for data

Content management

Centralized in IT department

Difficult to organize data

Lack of human resource

Non update content

Issues:Issues:

Parliamentary WebsitePrevious Challenges

Custom application for each department needs

Distributed responsibility

Content managed by the content owners

Separate admin panel (web-based application)

Solutions:Solutions:

Parliamentary WebsiteNew Challenges

30+ applications built, and each application has different credential

Some users have to remember many username and password

Each application has its own authorization

Username/password forgets request keep increased day by day

Very difficult to manage users

Single Sign On SystemThe Idea

Every user has their own personal username and password

Easy to manage user authentication and authorization

The username and password should also apply to other application: email, cloud, office applications and network applications

Single Sign On SystemImplementation

LDAP as communication protocolto Active Directory service.

Using attributes of Active Directory to manage both authentication and authorization of every user.

Web-based application as interface

Using multiple server for load balance

Single Sign On SystemImplementation

Windows Operating System

Apache Web Server

Microsoft Exchange and

Windows Active Directory Server

PHP Web Programing

Parliamentary WebsitePrevious Admin Panel : Centralized

Parliamentary WebsiteWeb Portal as an Entrance to the “Single Sign On System”

Single Sign On SystemBenefits

Easy to manage users

Log and track: who did what in which app

Different role in each app

Easy to build new app

Single Sign On SystemChallenges and Future Developments

Specific spec for external app

Single point failure on AD server

Security vulnerable

SSO for mobile Apps

Simple Password

Recovery Procedure

We are still developing this system to get better user experience

We are open for any suggestion and further discussion

Thank you