Content management error: Header Banners should not be placed in the Navigation placeholder!
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!
The existing solution was based on CA SiteMinder and WebLogic required custom adapters and was not able to meet the new requirements to separate the services from the on-premise WebLogic solution to Cloud-based solutions. A new Access and Authentication solution would be needed to enable “Single-Sign-On” service across a variety of different systems, both on-premise, and on-cloud.
With a large user base of over 50,000 customers, the solution needed to be robust and user-friendly, removing the reliance on the existing Customer Service Team having to manually create new logins and “day-to-day” tasks like customer password resets. The ability for users to self-manage their access was a major requirement in reducing this workload.
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!
Landgate’s digital strategy is to use Cloud-based solutions, as either SaaS or COTS applications where required. The solution needed the ability to expand and cover new cloud applications being planned to replace the on-premise solutions. Flexibility was a major requirement as to not restrict future solutions.
Several managed IAM services were considered, but at the point in time this was initially implemented, none of the services that satisfied Landgate’s functional requirements were storing data exclusively within Australia, violating Landgate’s data sovereignty requirements. Hence the solution that was selected was based upon Commercial Off The Shelf (COTS) solutions that were optimised for running from the AWS Cloud by Modis:
The AWS Services used to support the COTS solution:
The solution was designed to be automated for the deployment of updates to both the AWS configuration and the COTS services. This was done using an automation service to run jobs for deployment (in this case, Jenkins).
Jenkins was configured to monitor a code repository and upon each commit a new build was created that could then be deployed. The deployment process required that all deployments MUST pass each environment before being migrated to the next.
Repo => DEV => Test => UAT => Production
The Jenkins deployment to each environment uses customised CloudFormation templates to deploy the build into each of the environments. This solution means users do not need to login to the AWS console or the EC2 instances at any stage of the deployment process. This allows for the security to be increased on the EC2 instances as users do not need to SSH to the instances.
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!
Since the new Access and Authentication solution has been implemented Landgate has introduced several new cloud-based applications that rely on the new IAM solution for authentication, user account management and SSO. The solution has allowed for different types of Authentication protocols to be used (including SAML, OpenID/JWT) to all share the same process giving users a single login allowing them to access on-premise and cloud solutions seamlessly.
User management has been greatly improved with self-registration and password reset ability now no longer placing a burden on the Customer Support Teams. The solution was also extended to allow Billing Account Owners the ability to add and remove users to access their billing accounts giving Account Owners more control of their Accounts and reducing turn-around of having users added and removed from 12 days (using the old manual process) to seconds.
Development and Operations of the solution have been significantly improved, whereas previously any changes to the IAM solution resulted in a full outage of all Landgate online applications. The new solutions by using the AWS AutoScale and CloudFormation can roll in the new changes without the need for an outage of the IAM solution.
The use of AWS in conjunction with the COTS application has created a solution that has the flexibility to keep up-to-date and allow for future applications to be integrated into a single-sign-on solution giving the users a simple and clean user experience.
Modis continues to maintain this application and update the environment. Stricter encryption protocols and ciphers are actively maintained for in-flight data, and in 2019, the solution was updated to include full IPv6 connectivity from the Internet, further ensuring that the service is highly available for all users.
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!
Content management error: Generic Content Banners should not be placed in the Navigation placeholder!