Resources needed to integrate iTunes U with existing authentication?

Well, if you have a Mac OS X Server sitting around someplace…just a computer with OS X Server running on it…I could probably do a quick-n-dirty setup in a couple of days. If your iTunes U portal is something else (Linux server running Apache, say), it could take a bit longer. I am not aware of anyone (outside Apple of course) that does this kind of thing. You -can- hire Apple to come and set it up for you.

Under OS X Server, I find dscl is just this amazing tool. It gives you a way to query a directory service and verify that a particular user can bind to the target directory (Active Directory, OpenLDAP, eDirectory, etc.). It also gives you a way to read directory attributes…which is useful for setting up specific permissions.

But if you can't use dscl, you might be able to achieve what you're after using OpenLDAP client software. It'd still take a bit of scripting/coding.

Well, all the better. We use Active Directory to authenticate our users. 🙂 Every site is, of course, different, but if you're using Active Directory, and you can configure the Directory Services plugin on OS X Server to use it (usually easy), then you're about 90% of the way to getting a simple portal working. It's just a matter of scripting dscl.

Frank, in answer to your questions…

Frank Fulchiero wrote:
1. What technologies does one have to be familiar with to write up iTunes U authentication with existing authentication systems? In the sample download, there are files in C, Java, Perl and Python. Do you need to know all of these, in addition to HTML?

You do not need to know any particular language…Apple's examples are just starting places. Each of those code samples does exactly the same thing, just in a different language. In addition to the samples that Apple provides, others have written similar code samples in languages like C#, VB.Net, and Ruby. "In principle", you could use a language not yet explored by others (say Erlang or Haskell or whatever)…but you would need to do pretty much what the other code samples do.

If I had to give a rough summary of what you would need to know to implement an iTunes U portal, it'd run like this:

1. You need to be able to setup a web server. It can be any sort of server with which you are most comfortable…IIS in Windows, Apache running on Linux, or OS X Server's web server (which is also Apache)…or even something else.

2. You need to know how to get CGI running on your chosen web server. The actual CGI code can be in any language you like (Apple's samples are in Perl, C, Python, etc., as you pointed out). But you need to know how to get CGI code installed and working on your web server. In addition, you need to know just enough about how the code works to adapt it to suit your specific institution.

3. You need to know just enough about how authentication works at your site to access it in code. "Usually" this is fairly straightforward…but Apple's code samples do not show how to do this—they can't because every institution handles authentication differently…some use LDAP, others Active Directory, some use Banner…others use things like eDirectory—each of these packages gives you a way to determine with a login or bind is going to work.

Frank Fulchiero wrote:
2. We are considering pilots with only a few faculty and 50-100 students. I am wondering if it would be any easier, in order to get started, to use OSX Server 10.6' Users and Groups and Open Directory for authentication, instead of our college's AD, and just manually enter the users. Due to security concerns, our network admins might find this more acceptable.

Certainly that would work. One of the nifty things about iTunes U is that you're not married to any solution you implement…you can always change/grow into something different later.