MURDOCH     INDEX     SEARCH     PEOPLE  
Index >>  Facilities & Services >>  Information Technology >> 

Murdoch Authentication & Identification System

MAIS Help Topics


MAIS, What Is It?

The Murdoch Authentication & Identification System, or MAIS, is a system used to authenticate and authorise members of the University community who require access to restricted information resources, application systems and services provided by, or for, Murdoch University.


MAIS, What Is It Used For?

The MAIS is used to:-

  1. Identify members of the University community via a combination of Murdoch Username (ie. Staff Number, Student Number, or MAIS Person Number) and Murdoch Password
  2. Hold data about persons who are neither staff nor students of the University (ie. MAIS Others)
  3. Create and maintain MAIS Authorities associated with persons and positions
  4. Provide a consistent login and logout interface via a Secure Web Server, the MAIS Authentication Server
  5. Store login session data, with an indicator of 'freshness', so that sessions age, forcing a person to login again
  6. Enable the application of access restriction to information resources, application systems and services accessible via Murdoch Web sites, or hosted externally
  7. Provide login persistence between information resources, application systems and services that have had access restriction applied via the MAIS
  8. Enable registered Web Servers on the murdoch.edu.au domain to interact with the MAIS Authentication Server (https://mais.murdoch.edu.au)
  9. Manage the assignment of the role of MAIS Authorised Agent to selected positions
  10. Maintain data for the organisational structure (functional), including Murdoch Organisational Unit Codes (MOUs)
  11. Enable login synchronisation by reticulating password changes every 5 minutes for use by other Murdoch authentication systems and selected services
  12. Provide an authoritative source of data about people, positions, organisational units and locations for use by other systems

Availability of the MAIS

The MAIS database is available at all times.

Should there be a problem with the MAIS database, the MAIS Login screen will carry a WARNING message, such as the 'database is offline', or a Web browser will display an error message, eg.

Failed to connect (via RPC) with Oracle listener (check_idval)

The MAIS Authentication Server is available at all times.

Should there be a problem with the Web Server, a Web browser will display a system error message.

Who Can Use the MAIS?

Use of the MAIS for authentication and authorisation purposes is restricted to members of the Murdoch University community. This includes staff, students and 'MAIS Others'.

MAIS Database

The MAIS database is a corporate database containing information about people, positions, organisational units, and location information for buildings and facilities on the Murdoch campuses. It also holds MAIS Login session data.

The MAIS database is populated primarily by data extracted from other University databases, including the Human Resources Information System and the Student Management System. There is a facility for authorised persons to add entries to the database for 'others', usually referred to as MAIS Others.

The MAIS database is the authoritative source of Murdoch Usernames and Murdoch Passwords reticulated to other systems and services for authentication purposes. It is also a source for datafeeds used for portlets and other systems requiring data about persons at Murdoch.

An entry in the MAIS database is a pre-requisite for:

  • an email account
  • modem/dialup access
  • an entry (for staff) in the Murdoch Campus Directory
  • obtaining a Murdoch telephone extension

Staff and Student Database Entries

Each night, the MAIS database is updated using data downloaded from the Human Resources Information System and the Student Management System. This means that when staff leave, or their contracts expire, or when students cease to be enrolled, their entries in the MAIS database will expire and they can no longer access services and systems that use the MAIS database for authentication, or for access restriction. However, there may be services that use a MAIS database entry to identify students who are no longer enrolled, and following login using a Murdoch Username and Murdoch Password, allow them access.

Staff who are waiting for a renewed contract to be processed may find that they cannot use their Murdoch Password until their details in the MAIS database have been updated.

Students should note that if they are not enrolled in the active Semester (eg. Semester 2), but have completed enrolment procedures for the next Semester (eg. Semester 1), they may not be included in the MAIS database. The MAIS records a student as 'active' only when their enrolment period is within a set number of days of the current date.

Data Held in the MAIS Database

Data currently held in the MAIS database includes:

People

Details of people, including -
Staff Number
Student Number
Person Number
Person Title
Family Name
First Given Name
Second Given Name
Third Given Name
Fourth Given Name
Preferred Given Name
Birth Date
Preferred Email Address
Phone Number
Murdoch Password
Password Expiry Date
Staff Expiry Date
Student Expiry Date
Expiry Date (related primarily to non-Staff, non-Student persons)
MAIS Person Number

NOTE: All persons with an entry in the MAIS database have a MAIS Person Number. The MAIS Person Number for a MAIS Other is allocated when a MAIS database entry is created by authorised staff in the Office of IT Services. A person who is a MAIS Other uses the MAIS Person Number as their Murdoch Username.

Positions

Details of people currently occupying positions, including -
official Murdoch position titles (occupied by Murdoch Staff)
Position Expiry Date
unofficial Murdoch position titles (eg. of contractors, postgraduate students, etc)

Organisational Units

Details of Murdoch's organisational structure, including the names and MOU codes for organisational units -
official organisational-units of Murdoch (MOUs)
unofficial organisational-units of Murdoch (eg. functions like HelpDesk)
organisational-units formally affiliated with Murdoch (eg. Guild, Murdoch College)
organisational-units associated with Murdoch (eg. Hairdresser)

Locations

Details of Murdoch's geographical locations (all campuses), including -
campus
buildings
rooms
meeting rooms
lecture theatres
schools
services
carparks

Preferred Email Address

The MAIS database holds details of the preferred email addresses of both staff and students.

Preferred Email Address (Staff)

The preferred email addresses of staff are stored in the MAIS database. This data is then extracted for use by Murdoch's Campus Directory as part of the display of details of people associated with Murdoch University.

The preferred email address is extracted from the MAIS for use by other systems and services at Murdoch (eg. LMS and the Library System). This means that if staff do not maintain their current preferred email address in the MAIS database, then problems will occur with email being misdirected when sent using these other systems.

To update their email address details in the MAIS database, staff need to access the update facility, ie. the Campus Directory Update - Editor. Access to this editor is restricted via the MAIS Login screen and staff will be prompted to enter their Murdoch Username (ie. Staff Number) and Murdoch Password.

The Campus Directory Update - Editor will only update email address details held in the MAIS. Using the editor will not ensure that email sent to a previously used email address is redirected to the preferred eamil address. Staff will still need to ensure email redirection from one mail server to another is in place if needed.

Preferred Email Address (Students)

The preferred email addresses of students are stored in the MAIS database. These addresses are not made available via the Campus Directory.

All students are allocated an email address in the format of studentnumber@student.murdoch.edu.au as part of their automatically generated account hosted via Live@edu. Those students who choose to use an alternative email address may make use of a facility to re-direct email from their University email address to their preferred email address.

The email redirection facility for students to use is offered within MyInfo (the Web interface for students to the Student Management System (Callista)). The preferred email address details are extracted from the Student Management System and stored in the MAIS database as well as in other systems such as LMS and the Library System.

To access MyInfo, students are advised to login to MyMurdoch, the Student Portal, select the 'MyInfo' tab from the navigation bar and then use the [Access MyInfo] button on the portal page to access the MyInfo system.

Students should ensure that they use MyInfo to update their email address details to their preferred email address so that other systems such as LMS and the Library System make use of the current preferred email address.

MAIS Others

'MAIS Others' are persons who are neither staff of Murdoch University, nor students of Murdoch University, but who have some formal asssociation with Murdoch University that requires them to have an entry in the MAIS database (eg. contract staff, consultants).

For such a person to obtain an entry in the MAIS database they need to complete a Request for Murdoch Username and Password Form (PDF). The form must be authorised with the signature of an appropriate person. The list of MAIS Authorised Agents should be used to determine who should sign the form. If it is unclear who should act as a MAIS Authorised Agent, then the IT Service Desk should be contacted by phone on 9360 2000.

The applicant (personally) should take the completed form (together with some personal identification with an identifiable photo, such as a Driver's Licence) to the IT Service Counter (Level 2, North Wing, Library, Murdoch Campus). If the applicant is unable to attend the IT Service Counter in person, then they may send a completed application form via internal mail to the IT Service Counter, or arrange for their Authorised Agent to deliver the form to the IT Service Counter for them.

For more detail, refer to Requesting a Murdoch Password (New Person) 'MAIS Other'

NOTE: A MAIS 'Other' entry in the MAIS database is valid for 12 months, unless an earlier expiry date is specified by the MAIS Authorised Agent.

MAIS Authorised Agents

A number of positions have had the role of MAIS Authorised Agent assigned to them via associating the position they occupy with a specific MAIS Authority Type.

The agents can authorise 4 types of requests. They include requests related to Murdoch Usernames, Murdoch Passwords and extended access to University systems and services.

To view a listing of Murdoch organisational units and the persons in these units that have the role of MAIS Authorised Agent, select either:

To display contact details (phone, email, location), identify an agent associated with the appropriate organisation unit.

MAIS Login and Logout

MAIS Login

When using Murdoch's Web sites, access may be required to information resources, application systems and services that have had access restriction applied via the MAIS. When a MAIS restricted resource is selected, the MAIS Login screen displays and prompts for a Murdoch Username and Murdoch Password.

Two processes are initiated, authentication and authorisation. The authentication process is completed when a Murdoch Username and Murdoch Password are entered, the [Login] button is selected, and the Murdoch Username and Murdoch Password are validated against data stored in the MAIS database. The authorisation process, if required, confirms that a person is a member of a valid MAIS Group, or that they have a particular MAIS Authority Type associated with their entry in the MAIS database, or, in some cases (for staff), associated with the position they occupy.

The MAIS Login screen displays 1 button, [ Login ] and 3 links:

  1. Check your current MAIS Session [for details of a login session in the MAIS database and a link to MAIS Logout ]
  2. Forgotten your password? [for information on what to do next]
  3. Further help on MAIS [the MAIS Help Topics, including MAIS Login persistence and MAIS Logout]

Upon successful completion of the MAIS Login process, a login session is created in the MAIS database and the browser displays the information resource, application system, or service.

When a person is not a member of a nominated MAIS Group, or does not have the requisite MAIS Authority Type associated with their entry in the MAIS database, a Web browser will display a MAIS error message.

eg. ' ... not a member of a valid group', or ' ... MAIS Authority Type Code denied'.

MAIS Authentication Server

The MAIS Authentication Server (https://mais.murdoch.edu.au/) interacts with the MAIS Database for the purposes of authentication and authorisation.

The MAIS Authentication Server is used for both MAIS Login and MAIS Logout.

When the MAIS Login screen displays, the URL in the address bar includes an 's' with the 'http', ie. 'https'.

eg. https://mais.murdoch.edu.au/login

This means that the MAIS Authentication Server is a Secure Web Server and a Murdoch Username and Murdoch Password passed from Web browser to Web Server will be encrypted.

At times, the URL for a resource restricted via the MAIS does not include the 's' with the 'http'. Although the MAIS Login screen is displayed via a Secure Web Server (https://mais.murdoch.edu.au/login) and login details are encrypted, the Content hosted on the 'insecure' Web Server and retrieved by a Web browser is not encrypted.

MAIS Gateway

The MAIS Login process has been applied to a number of externally hosted services used by Murdoch staff and students. A paired or trust relationship is established between third-party services and the MAIS Gateway.

Examples include:

  • Electronic Book Library (EBL)
  • MyAnswers (RightNow)
  • Live@edu (Microsoft)
  • Travel Management System (Trobexis)

MAIS Login Persistence

Login persistence may also be referred to as single sign-on.

Once a MAIS restricted information resource, application system, or service has been accessed, and thus a valid MAIS Login session has been created in the MAIS database, in most cases, the login prompt should not display when a link is selected to another MAIS restricted resource, provided this is within the MAIS Timeout period. This persistence of a login session occurs for many, but not all Web-based applications, and for programs and pages where the domain name includes murdoch.edu.au and the Web Server is registered to interact with the MAIS Authentication Server. However, if a set MAIS Timeout period has elapsed (and this can vary from one application or program to another), then the login session data held in the MAIS database is deemed too 'old', and the MAIS Login screen will display.

NOTE: Once logged into the MAIS, a link to another unrestricted information resource or service may be selected, but the MAIS Login session will remain current until it times out, or MAIS Logout is initiated.

If a Web browser is used in a public area, or a Web browser is to be left unattended, the MAIS Logout link should be used.

MAIS Login Problems

For problems with MAIS Login, contact the IT Service Desk by phone (08) 9360 2000, or by email to itservicedesk@murdoch.edu.au. Provide the name of the information resource, the application system, or service, details of any error message, and the URL of the page displaying an error message.

MAIS Login Screen

As a number of different application systems and services make use of the login combination of Murdoch Username and Murdoch Password, when login problems are reported, please clarify whether or not the login screen displayed is the MAIS Login screen. If it is a MAIS Login screen, it will display the heading Murdoch Authentication & Identification System.

MAIS login problems may be due to:

  1. Incorrectly entered Murdoch Username
  2. Incorrectly entered Murdoch Password (check that CAPS LOCK is not on)
  3. The MAIS database entry has expired (eg. contract staff who have ceased employment; former staff; past students; returning students who have not yet re-enrolled)
  4. Problems with the computer that hosts the MAIS database (this is a different computer to that used to display the MAIS Login screen)
  5. Problems associated with the MAIS Authentication Server used to display the MAIS Login screen
  6. Problems associated with a Web browser - this may mean the version of the browser software needs to be upgraded, or the setup of the Web browser needs to be modified (eg. use of Proxy Cache Servers)

Commonly Occurring Problems

Cookies
If the MAIS Login screen displays over and over
... the Cookies Feature needs to be enabled

Browser Version
To avoid login problems related to access via a Secure Web Server.
... an upgrade to a Web browser may be needed

Proxy Cache Server
Where an ISP is used for access to Murdoch Web sites, a Web browser's Proxy setup may need to be revised to exclude Murdoch Servers. This may be necessary if the resource is hosted on, or accessed via an insecure Web Server (ie. a Server that does not use a Digital ID)
If a Web browser's Proxy Cache settings are modified to exclude Murdoch Servers, then they may need to revised again before using the Library's Off Campus Access to Electronic Resources

Web Browser Problems

Refer to MAIS Web browser requirements, and to information on upgrading Web browsers. Sometimes a new version of a browser can have problems (eg. with setting the cookie used as part of the MAIS Login authentication process).

MAIS Login Error Messages

When problems are experienced with logging in, the MAIS Login screen will display a warning message above the box for entering a Murdoch Username. In addition to the short message, there is a link for (More Information). When the link is selecte, a small window opens and includes a longer explanation for the problem experienced.

A listing of commonly occurring MAIS Login error messages is available.

If the MAIS Login process results in an error page displaying the warning message "If you have reached this page, you have most likely encountered a Browser glitch. This can usually be fixed by pressing the Back button on your browser", try using the Back button.

If the problem persists, it may be necessary to:-

  1. Force a MAIS Logout using this URL https://mais.murdoch.edu.au/logout
  2. Clear Web browser cache and cookies
  3. Close the browser
  4. Open the browser
  5. Login to MAIS using this URL https://mais.murdoch.edu.au/login
  6. With a valid MAIS Login session, go to the page offering the resource, application system or service that has been restricted via the MAIS and select the link

MAIS Logout

If an information resource, application system, or service has had access restriction applied via the MAIS, there should be either a Logout link adjacent to a person's name, below a horizontal navigation bar on right hand side of the Web page, or, a MAIS [Exit] button displayed on the bottom of the page. When the Logout link is selected it ends a MAIS Login session in the MAIS database and clears any associated Web browser cookies.

To force a logout from the MAIS, select this [ Logout ] link.

In addition to logout from the MAIS database, the MAIS Logout link offered on pages such as the MyMurdoch (Portal) pages, initiates a logout from other systems that have had access restricted via the MAIS (eg. LMS, Lectopia, MyInfo and MyStudents).

MAIS Access Restriction

When information is of a personal, sensitive, or confidential nature, the MAIS is used to apply access restriction to information resources, application systems and services accessible via Murdoch Web sites, or hosted externally. In many cases, access restriction may be very broad, using a MAIS Group (eg. any current Murdoch staff member, or currently enrolled student, or student eligible to re-enrol), or it may be specific to persons (via their Murdoch Username), or limited to persons, or positions that have a particular MAIS Authority Type associated with their entry in the MAIS database.

In some cases, a staff member, a student, or a MAIS Other may enter a Murdoch Username and Murdoch Password at a MAIS Login screen but find they have insufficient authority to access the restricted resource. If this is the case, a MAIS Login attempt will return an error message or warning, stating that ' ... Access not permitted (not a member of a valid group)' or, '... MAIS Authority Code Denied'.

Any person using a Murdoch Web site, who thinks that they should have the required authority to access a restricted resource, should contact the IT Service Desk on 9360 2000, or e-mail, itservicedesk@murdoch.edu.au). The Service Desk will ask authorised staff in IT Services to either use the MAIS Authority Type Search to determine who is the custodian of an associated MAIS Authority Type, or try to determine the MAIS Groups that access has been restricted to.

Off-Campus Access

In some cases, the MAIS Login screen will only display when a system or service (eg. Complete Booklist, Exam Papers) is accessed from off-campus. This is where the restriction has been set to the access level of 'murdoch'. In these cases, the restriction will allow access for current staff, currently enrolled students of Murdoch University, or students eligible to re-enrol at Murdoch University. The restriction will only allow access to students from other MAIS Groups (eg. 'oua-students' and 'mit-students'), if the relevant group has been added to the access restriction configuration.

For information on the Access Levels assigned to Web content, refer to Restricting access to Web content.

For details on how to use the MAIS to apply access restriction, refer to Using the MAIS to Restrict Access to Web Content.

For assistance with using the MAIS to apply access restriction, contact De Stanton (Ext: 6311), or Murray Rosenberg (Ext: 2427).

To identify application systems and services where the MAIS has been used, refer to Systems and Services Using MAIS Access Restriction.

MAIS Groups

Any person with an entry in the MAIS database is a member of at least one MAIS Group. Most people are members of more than one MAIS Group.

MAIS Groups include:

  • staff, students, oua-students, mit-students, others, course, unit, orgunit, orgset

Membership of a MAIS Group is defined as:

staff persons recorded in Murdoch University's Human Resources Information System as staff of Murdoch University
students persons recorded in Murdoch University's Student Management System as students of Murdoch University (either currently enrolled, or, eligible to re-enrol)
oua-students persons recorded in Murdoch University's Student Management System as students of Open Universities Australia
mit-students persons recorded in Murdoch University's Student Management System as students of Murdoch Institute of Technology
others persons who are neither staff of Murdoch University, nor students of Murdoch University, but who have some formal association with Murdoch University which requires them to have an entry in the MAIS database (eg. contract staff, consultants)
course students enrolled in a Course offered by Murdoch University
unit students enrolled in a Unit offered by Murdoch University
orgunit persons associated with a specific Murdoch Organisational Unit (MOU)
orgset persons associated with a Structured Murdoch Organisational Unit (SMOU) - ie. associated with a specific MOU, or any of its subunits

For situations where a person attempts to access a restricted resource, application system, or service and finds their Web browser displays this error message

" ... Access not permitted (not a member of a valid group)"

after they have logged in via a MAIS Login screen, the IT Service Desk should be contacted.

The IT Service Desk will then ask authorised staff in IT Services for assistance in determining what MAIS Groups are able to access the restricted resource.

Using MAIS Groups to Restrict Access

If a MAIS Group is to be used to apply access restriction, then a Content Provider needs to use the appropriate metadata tagging with the files to be restricted.

The MAIS Groups 'course' and 'unit' are always qualified by an alphanumeric code. The University's Handbook needs to be referred to for details of Course Codes and Unit Codes.

The MAIS Groups 'orgunit' and 'orgset' are always qualified by a numeric code. The University's Organisational Chart needs to be referred to for a Murdoch Organisational Unit Code (ie. a MOU code), or for a Structured Unit Code (ie. a SOU code), for an organisational unit that because of its place in the hierarchy, may be used as an 'orgset' for the purposes of restricting access.

Alternatively, authorised staff in IT Services may be contacted and asked to use the MAIS Organisation Search to identify the MOU or SOU codes for use with metadata tagging.

For information on using the MAIS to apply access restriction to an information resource, an application system, or a service, contact De Stanton (Ext: 6311), or Murray Rosenberg (Ext: 2427).

NOTE: Content Providers using the University's Content Management System (CMS), when applying access restriction to Content, have access to a pop-up editor for setting access levels and selecting MAIS Groups.

MAIS Authorities

The Murdoch Authentication & Identification System (MAIS) includes a facility for creating MAIS Authorities which are then associated with a person or position to grant specific permissions to perform restricted activities or functions. MAIS Authorities are used in applying access restriction via the MAIS.

Where a MAIS Authority Type is in use, at the time a person logs in via the MAIS Login screen to access a restricted information resource, application system, or service, the MAIS database is checked to determine if the person (or the position they occupy) has the appropriate MAIS Authority Type associated with their entry in the MAIS database.

Each MAIS Authority Type has associated with it a numeric value or code, and three roles, 'custodian', 'grantor' and 'user'.

  1. Custodian
    2. A person (or position) who has been assigned the 'custodian' role for a MAIS Authority Type is able to assign the 'grantor' and/or 'user' role to any other person (or position) - and/or remove such privilege.
  2. Grantor
    3. A person (or position) who has been assigned the 'grantor' role for a MAIS Authority Type is able to assign the 'user' role to any other person (or position) - and/or remove such privilege.
  3. User
    4. A person (or position) who has been assigned the 'user' role for a MAIS Authority Type is able to perform whatever function that MAIS Authority Type restricts (such as to access an information resource, or application system, or a function within a system).

For any MAIS Authority Type, there may be more than one person (or position) who has been assigned the 'custodian' and/or 'grantor' and/or 'user' role.

MAIS Authorities Listing

MAIS Authority Types have been created for activities such as 'editing', 'viewing', 'administering', 'maintaining', 'accessing', 'authorising' and for roles, eg. MAIS Authorised Agent, LMS Technical Support.

A listing of currently used MAIS Authorities is not made available. The following are examples:

  • Administer Electronic Voting System
  • Authorise Staff Announcements
  • Edit Academic Contacts Index
  • Edit IT Service Desk Current Issues
  • Register Remote Servers Using MAIS
  • View Committee on University Entrance
  • View LMS Project Materials
  • View RDSC Materials

There is also no listing available of the people or positions assigned the role of 'custodian' for the MAIS Authority Types.

Authorised staff in IT Services may be contacted by the IT Service Desk and asked to use the MAIS Authority Type Search to identify the 'custodian' and 'grantor' for a particular MAIS Authority Type. This is done for situations where a person attempts to access a restricted resource, application system, or service and finds their Web browser displays this error message after they have logged in via a MAIS Login screen.

" ... MAIS Authority Type Code denied" as it imples they have insufficient authority for access.

The IT Service Desk will then be able to contact the 'custodian' to determine if the person should be provided with access.

For those staff members who have been assigned the role of 'user', 'grantor', or 'custodian', for a MAIS Authority Type, a listing of their MAIS Authorities will be included in a portlet on the MyInfo page in MyMurdoch, the Staff Portal.

Using a MAIS Authority Type to Restrict Access

If a MAIS Authority Type is to be used to apply access restriction to Content, then a Content Provider needs to use the appropriate metadata tagging with the files to be restricted.

For information on using the MAIS to apply access restriction to an information resource, an application system, or a service, contact De Stanton (Ext: 6311), or Murray Rosenberg (Ext: 2427).

Content Providers who need to determine if a suitable MAIS Authority already exists, should contact contact De Stanton (Ext: 6311), or another IT Services staff members who is authorised to use the MAIS Authority Type Search to identify any relevant MAIS Authority Type and provide the numeric code.

NOTE: Content Providers using the University's Content Management System (CMS), when applying access restriction to Content, have access to a pop-up editor for setting access levels and selecting MAIS Authority Types.

Requesting a New MAIS Authority Type

A number of staff in IT Services have been granted the MAIS Authority to create new MAIS Authority Types.

To request a new MAIS Authority Type, contact De Stanton (Ext: 6311), or Murray Rosenberg (Ext: 2427).

MAIS Authorities Maintenance & Inquiry

This facility is used by authorised persons to maintain MAIS Authority Types.

A person who is either a 'custodian' or a 'grantor' for a MAIS Authority Type, may use this link. The system will display a list of all MAIS Authority Types associated with the person's MAIS database entry. The appropriate MAIS Authority Type should be selected and the various functions used to add or delete persons or positions to the Authority.

Problems using this facility should be reported to De Stanton (Ext: 6311).

MAIS, Where is it Used?

MAIS Access Restriction has been applied to information resources, application systems and services.

Systems and Services Using MAIS Access Restriction

An index is maintained of those Systems and Services Using MAIS Access Restriction.

Web Pages and Files Using MAIS Access Restriction

MAIS Access restriction has also been applied to a large number of information resources, including static Web pages and files in other formats (eg. PDF, Word, PPT).

Examples of such pages and forms that send email, are:

  1. Check That Your Murdoch Password is Valid (page)
  2. Academic Council Minutes - November, 2010 (page)
  3. Thesis Deposit Form (interactive form)
  4. Videoconferencing Facility Booking Request (interactive form)

For information on the use of metadata to restrict access, refer to Using the MAIS to Restrict Access to Web Content.

For information on using the MAIS to apply access restriction to an information resource, an application system, or a service, contact De Stanton (Ext: 6311), or Murray Rosenberg (Ext: 2427).

Systems and Services Using Their Own Login Screen With the MAIS Database

Some application systems interact directly with the MAIS database for authentication purposes, using their own login screen that prompts for a Murdoch Username and Murdoch Password.

  1. MyInfo (past students)
  2. Online Response System

There are other systems and services in use at Murdoch that have their own login screen and usually a separate database, or the application system's database, is used to hold usernames and passwords.

MAIS System Error Messages

After entering a Murdoch Username and Murdoch Password at a MAIS Login screen, a Web browser may return one of the following error messages. Please take the recommended action.

  • A security error has occurred (eg. Security Error 3681440).

    If a Web browser that does not support the security feature, then the browser will report an error
    The Web browser needs to be upgraded to a version that supports the security feature
    For assistance with upgrading a Web browser, contact the IT Service Desk on 9360 2000

  • Server is busy.

    Phone the IT Service Desk on (08) 9360 2000
    State that the MAIS Login screen is being used to access a restricted resource
    State that a Murdoch Username and Murdoch Password have been entered
    Provide the wording of the error message Server is busy to explain that a connection to the MAIS has failed to continue

  • A system error occurred.

    Phone the IT Service Desk on 9360 2000
    State that the MAIS Login screen is being used to access a restricted resource
    State that a Murdoch Username and Murdoch Password have been entered
    Provide the wording of the error message A system error occurred to explain that the MAIS has returned an error message
    Provide details (ie. Murdoch Username, Name and phone number) when requested by the IT Service Desk staff
    The advice from the IT Service Desk will be to check MAIS Login again to see if it is functioning correctly

MAIS Web Browser Requirements

To use the MAIS Login screen, a recent version of a Web browser is recommended. A Web browser needs to be:

  • forms compliant
  • have Cookies enabled
  • support the security feature, ie. Secure Socket Layer (SSL)
  • have the Proxy Cache Server setup revised if needed (this may be the case for browser connecting to the Internet via an ISP)

    • Cookies

    The MAIS Login screen allows members of the Murdoch community to enter their Murdoch Username and Murdoch Password. These details are validated in the MAIS database and a MAIS Login session is created. Information about the MAIS Login session is retained by the Web browser by means of a 'cookie'.

    In order for the MAIS to obtain information about a MAIS Login session, a Web browser setup should not be modified to disable support for 'cookies'.

    NOTE: If 'cookies' have been disabled, tbe MAIS Login screen will display over and over.

    The IT Service Desk should be contacted when a Web browser does have 'cookies' enabled, but MAIS Login problems still occur.

    Security and Secure Web Servers

    The security of data transmitted by a Web browser depends on a Web browser supporting the security feature and the information resource being accessed via a Secure Web Server.

    When a Web browser sends a request to a Secure Web Server, the data sent is encrypted and the data returned via the Server is also encrypted.

    The Secure Web Server used for MAIS Login is referred to as the MAIS Authentication Server.

    Proxy Cache Servers

    Domains Other Than murdoch.edu.au

    If a computer is not on the Murdoch University Network (eg. Internet access via an ISP, or a computer at a place of employment), a Proxy Cache Server other than Murdoch's Proxy Cache Server is probably used.

    Login via a MAIS Login screen is handled by the University's Secure Web Server, the MAIS Authentication Server. In this situation a Proxy Server used by an ISP or an employer, has no effect as the data being transferred between the Web Server and a Web browser is encrypted. The MAIS Login routine notes a browser's IP address as being the REAL address.

    Insecure Web Servers

    If a resources that has had access restriction applied via the MAIS is NOT hosted on or accessed via a Secure Web Server (ie. there is no Digital ID), then problems may occur with the MAIS Login process.

    Even though the initial part of the process ensures that a valid MAIS Login session is established, the Proxy Cache Server used by an ISP or employer DOES take effect when, as in the next part of the process a Web browser tries to retrieve a resource hosted on or accessed via an insecure Web Server.

    The Proxy Cache Server of an ISP or employer acts as a buffer, and so the 'client IP' (ie. the Web browser's IP address) as seen by the MAIS Authentication Server is NOT the browser's IP address, but is the Proxy Server's IP address. This conflict in IP addresses causes a MAIS security alert, as a change in IP address is considered a security breach. If this is the case, the MAIS Login process fails and returns an error message to the browser (eg. 'client address conflict').

    NOTE: Some types of Proxy Cache Servers pass on the Web browser's real IP address as well, and thus avoid this problem.

    Action To Take
    Modify Browser Settings
    To avoid MAIS Login failing, modify a Web browser's Proxy Cache Server setup to exclude Web Servers at Murdoch. Either use a wildcard, eg. *.murdoch.edu.au, or list those Insecure Web Servers known to use MAIS Login as part of access restriction.
    A Web browser's settings may need to be revised again when accessing Library databases hosted on remote Servers. Check the instructions provided by the Library.

    Modify the URL
    Some resources are only restricted when a Web browser is NOT on the Murdoch University Network.
    If MAIS Login problems occur and the error message is 'client address conflict' then the URL used for the resource should be revised to add an 's' to the 'http'.
    This solution only works if the Web Server hosting the Content actually has a Digital ID and a Secure Server setup.

    MAIS Organisational Structure Management

    A facility for MAIS Organisational Structure Management is used by authorised staff in the Office of Human Resources to edit data held in the MAIS database for Murdoch Organisational Units, including their associated MOU codes. This data is used in conjuction with the Human Resources Information System and OrgPlus to provide an Organisational Chart (functional) for staff to view a graphic representation of the structure and to find MOU codes for organisational units.

    Using MAIS Groups to apply access restriction via the MAIS includes the use of MOU codes to restrict access to a resource to staff within one or more Organisational Units.

    Information about the Murdoch Organisational Structure (functional) is made available by the Office of Human Resources.

    MAIS Support Portal

    A facility used by authorised staff in IT Services to query the MAIS database and view details of a person, of MAIS Authorities, and of Murdoch organisational units.

    MAIS Authority Type Search

    A facility used by authorised staff in IT Services to search the MAIS database by keyword or by Authority Type code and display a listing of 'custodians', 'grantors', and 'users', for a particular MAIS Authority Type.

    This search tool is used for identifying MAIS Authority Types and the persons or positions associated with them in the roles of 'custodian', 'grantor' and 'user', and to facilitate the use of MAIS Authority Type codes in metadata tagging used to restrict access via the MAIS to information resources, application systems and services.

    MAIS Organisation Search

    A facility used by authorised staff in IT Services to search the MAIS database by keyword, or by Murdoch Organisational Unit (MOU) code, and display information about an organisation unit within the Murdoch organisational structure, including the parent MOU and any child MOUs, the associated DCode (as used in the Campus Directory database) and the Structured Unit Code (SOU), which is the numeric representation of an organisational unit's place in the organisational hierarchy (eg. 0063; 002).

    This search tool is used for identifying MOU codes and SOU codes. These codes are used to define a MAIS Group in metadata tagging used to restrict access via the MAIS to information resources, application systems and services.

    MAIS Person Search

    A facility used by authorised staff in IT Services to search the MAIS database by one or more keywords that include elements of a person's name, Murdoch Username, MAIS Person Number, or email address. The search can be limited by MAIS Group and by status in the MAIS database (eg. current, expired). The search results include a person's title, firstname, lastname, Murdoch Username, MAIS Person Number, Type (ie. MAIS Group), email address, organisation area, position title and a list of the MAIS Authorities associated with their entry in the database. Also displayed is a person's login session data in the MAIS database (eg. IP address, freshness, last access date and time).

    This search tool is used for troubleshooting problems reported with MAIS Login.

    There are also MAIS Person Lookup tools used by application systems to search for a person who has been assigned a particular role (eg. the editing tool used for the Academic Contacts Index).

    Remote MAIS

    The facility for using MAIS Access Restriction on a Web Server other than the Apache Hosting Environment (AHE), is based on what is known as the Remote MAIS Libraries. This software may be installed on a computer on the Murdoch University Network, if it runs Apache Web Server software and is on the murdoch.edu.au domain. A Web Server needs to be registered so that it may connect to the MAIS Authentication Server for MAIS Login to restrict access to an information resource, or application system, or service that is hosted by, or accessed via that Web Server.

    Example: The Remote MAIS libraries are installed on computers that host the Lecture Recording System (Lectopia). MAIS Login Persistence is therefore available from the MyUnits page in MyMurdoch (the Student Portal) to Lectopia. This means that once a student has logged in via the MAIS Login screen to the MyUnits page, they may then select a link to Lectopia without being prompted to login again.

    MAIS Remote Server Administration

    Authorised staff in IT Services use a facility to register a Web Server on the murdoch.edu.au domain to run the Remote MAIS Libraries and connect to the MAIS Authentication Server.

     
    © 2012 Murdoch University   |   Copyright & Disclaimer   |   Privacy   |   Page Info