User Services
On-line Help
Service Phone:
  88236855(All day)
Email and Address:
   http://helpdesk.ihep.ac.cn/
   helpdesk@ihep.ac.cn
Your present position:Home > User Services > Network Service > Single Sign On System(SSO)

Unified IHEP Authentication System

2015-06-08| Editor:div7 | Browse times:Loading... | [Big Middle Small] [Print] [Colse]

   URL of the unified IHEP authentication system: https://login.ihep.ac.cn/

   This system has two functions: unified authentication and user management. Unified authentication enables a user to access all applications of this system through one account, without repeated login, the so-called "single-point login, institute-wide roaming". User management realizes management of personal information of all users (including all staffs and students of IHEP and some cooperation group users), management of administrative departments, management of cooperation groups and management of groups and other functions.

   There are two types of users: internal user and external users.

   The internal users with an IHEP mailbox may use this system directly through mailbox account and password. New users and external users need registration before use (for more information, please refer to Part 1 of User Manual). Registering by using employer mailbox is recommended so as to audit user identity. Some application systems may subdivide access authority based on user information, so every user who enters the system in the first time is requested to perfect personal information and group information to avoid limitation of access authority. 

I. User registration

   At the right top corner of login page (https://login.ihep.ac.cn/), there is a Chinese-English shift button, which may realize switchover between Chinese and English pages. For a user applying for a new account, please click "Register" on the right to enter user registration page.

   Please enter true personal information at the registration page to smoothly pass the audit of the administrator. After submission and registration, the system will automatically send a verification mail to the registration mailbox. The user may log in by using the registration account only after successful mailbox verification; The department information and cooperation group information submitted by a user need to be audited by the administrator. After the user passes the audit, he may access the application system based on the authority of the group he belongs to.

II. Maintenance of personal information

   After entering the system, a user needs to complete his personal information to acquire the authority to access the application system. Click "Profile" in system menu bar to enter the page of personal information maintenance.

   This page consists of two Tab pages: personal information and group information. The user should complete the information according to the fact. At the page of group information, the user may apply for joining a new group or view his audit state. The groups are classified into three types: administrative groups, cooperation groups and custom groups; audit states include apply, accept and reject.

1. Personal information

   Personal information modification page is similar to registration page and is not described here again.

2. Group information

   Here the groups are classified into three types: administrative groups, cooperation groups and custom groups. Users may apply for joining any group at free will, but the administrator will audit the applications according to facts. Taking an administrative group for example:

   1) When the user clicks "Apply for department", an interactive dialogue box will pop up.
   2) Select a group of a department:
   3) Click "Submit" button and wait for audit result.
   After passing the audit, the operation for joining a cooperation group or a custom group is similar to the above operation. 

III. User audit

   The content of this part is only for the administrator. For ordinary users, please skip it.

   The user audit page consists of three Tab pages: department management, cooperation group management and group management. Only the users with corresponding authorities can operate unused group management Tab pages.

1. Department management

1) Confirmation of department administrator's authority
   Only department administrator has the authority to operate this page
   If there is department management authority, the group the user belongs to will be displayed.

2) Operation of the department administrator
   a) To execute administrator operation, a group in the left column must be selected at first. At the department management page, there are two Tab pages: leader management and user management. The administrator may see all applying users at the user management page.
   b) By selecting users to be handled and clicking approve by batch or reject by batch, the audit state of users in the group may be modified.
   c) At the leader person page, leaders may be added and the management strategy of this group may be controlled, i.e.: whether the joining of users needs audit. If "No audit" is set, the state will be "accept" immediately after a user submits his application.

2. Cooperation group management

   1) Confirmation of cooperation group administrator's authority
Only the cooperation group administrator has the authority to operate this page If there is cooperation group management authority, the cooperation group the user belongs to will be displayed, as shown in the diagram below:

   2) Operation of the cooperation group administrator
      a) To execute administrator operation, a group in the left column must be selected at first. At the cooperation group management page, there are two Tab pages: leader management and user management. The administrator may see all applying users at the user management page.
     b) By selecting users to be handled and clicking approve by batch or reject by batch, whether the applying users can join this cooperation group can be controlled.
     c) At the leader page, leaders may be added and whether this group needs audit may be controlled. If audit is needed, ordinary users may join the group only after they pass audit. If no audit is needed, ordinary users may join the group once they file an application.

3. Group management
   (1) Only group administrator has the authority to operate this page. The group created by a user with group management authority will be displayed on the left column. Click "Create a group". 3 kinds of authorities are set for created groups: Anybody can join; join only after accepted by the leader; only designated users may join. The first group does not need audit; the second group needs audit; the third group is not open to ordinary user and only the users designated by the administrator of this group can join it.
   (2) Click submit button. This group will appear in the left column of group management.
   (3) Switch over to the page of users to be selected after test 1 group is selected. All users can be seen:
After "Add" button is clicked, the user may be added to this group.
   (4) Switch over to the user management page. The users applying for joining this group can be seen.
   (5) By selecting a user and clicking accept by batch or reject by batch, whether users can join this group can be controlled.
   (6) At the leader page, leaders may be added and whether this group needs audit may be controlled. If audit is needed, ordinary users may join the group only after they pass audit. If no audit is needed, ordinary users may join the group once they file an application.
Email: helpdesk@ihep.ac.cn   Service phone: 88236855  Loading...
Institute of High Energy Physics Computing Center