User Directories and Personalization

Previous page
Table of content
Next page

Once all the security issues have been resolved and a decision has been made about the identity and access management infrastructure, you can start thinking about personalization issues.

For purposes of this discussion, think of your user directory as just a database that contains information about the people within an enterprise and the resources to which these people need access. When a user tries to access the intranet and they are authenticated, this database is queried for all its information on that user (what groups they belong to and any personal preferences they have selected). This information is then used to generate a dynamic homepage (for example) that offers the user information about content areas and access to functional components that are appropriate for his defined groups. If he has selected personal preferences that effect layout, colors, hierarchy of navigation components, or other customizable areas, then those personal choices will be apparent.

Personalization is what the system does when it matches a user's profile with relevant content profiles. This is done according to the group specifications detailed in the directory service, and it allows for a dynamic navigation system to change as specific group needs and broader business needs evolve over time. As content relevant to their job changes, the nature of the intranet and its relationship to the user will change, and grow. Furthermore, the non-dynamic content areas that all users will have access to will remain static on the user's pages, so he can explore and learn with the traditional navigation system, too.

Note

Note that personalization and customization are two separate things, and are only related in that they both result in the dynamic modification of the intranet's presentation layer.

Customization refers to a technique that may or may not want to be employed. This refers to interface elements that can be moved and changed according to individual preferences. If a color palette has been defined inside the scope of a design, then it would be possible for several variations on a design to be created by simply moving colors around and giving users choices to select what they prefer. Also, some users find certain types of information (current stock prices, corporate news, and press releases) more important than others (new HR benefits, fundraising initiatives, and cafeteria menus). Giving users an option to customize their intranet (and really make it their own) does not require a significant technology leap beyond what will be developed during a personalization initiative, and it will have a positive impact on the level of satisfaction people get from it.

How Does Implementing Security in My Intranet Allow For its Personalization?

When a user has been authenticated, there are three ways to track them to make sure their intranet experience is consistent across their session. A session refers to all the connections that a single user might make to a server in the course of viewing any set of pages within an intranet. Logging on to the intranet and/or making your first page request to the server will instantiate the session. Logging off the intranet or remaining inactive for a set period of time will end it. Sessions are specific to individual users. As a result, every user has a separate session and has access to a separate set of session variables.

The three ways to track session variables are:

  • Pure Session Variable (server only) - Session variables are a convenient place to store information that all pages of your application might need during a user session. Using them allows your intranet's functional component(s) to initialize with user-specific data the first time a user accesses one of its pages. This information can remain available while that user continues to use that application. For example, you can retrieve information about a specific user's preferences from a database once, the first time a user accesses any page of an application (or after authentication is complete). This information remains available throughout that user's session, thereby avoiding the retrieval of these preferences again and again. Pure session variables are stored on the server only and they track all simultaneous users separately.

  • Cookie - Session information can be stored in a users' browsers' cookie files when there is an expectation for numerous simultaneous user sessions that you may not want be handled by the intranet server. Setting cookies (storing a few lines of text information with the session variables inside them) will allow the server to operate with less strain, and for some variables to be persistent across sessions (like color preferences and other customizable options that aren't stored in a database).

  • Token - When cookies can't be written to a web browser (which happens in some organizations due to a variety of corporate web browser standards), session variables can be tracked by appending a unique identifier and variable information to the end of every URL which a user accesses. This can be done automatically in most instances by enabling session management with tokens on a web server.

The decision will largely depend on the scripting language you have chosen to use during your development cycle, as some of these methods are easier to adopt in certain languages than they are in others.

The advantage of tracking a user through their session is that you can continue matching categorized content with different end users based on business rules as they proceed through the intranet. This matched content can also be presented in context with where they are in the site, what their previous actions have been, and what their customized preferences are.

"By looking at the clickstream (the path of pages a user clicks through) of many users on an intranet, you can get a deeper understanding of how successful your GUI design was, how usable the site is and how much utility the users are getting from it."

The other significant benefit to personalization and use of sophisticated tracking mechanisms is that user sessions can easily be logged and analyzed. This analysis would typically not look at individual sessions unless they indicate system abuse, but rather aggregate them for advanced analysis by designers and usability personnel. By looking at the clickstream (the path of pages a user clicks through) of many users on an intranet, you can get a deeper understanding of how successful your GUI design was, how usable the site is, and how much utility the users are getting from it. Also, when and if the site is re-launched, this data can be cross-referenced with solicited feedback to more clearly define future direction.

Integrating Personalization

Once you know who your user is and how you're going to keep track of their information, you need to integrate their unique information with the relevant graphical interfaces and information structures. Based on the user's group memberships and unique access permissions, you would probably have a dynamic left-side navigation system that gives them access to all the generic company-wide content areas and functional components, but also includes specialized areas to which they have special access. The differences that you know exist between them will not matter to the average intranet user because they won't likely know about the content and components they don't have access to.

Beyond simply allowing a user to have access to certain areas of the intranet, it is recommended to provide them with options to select size and placement of information areas (the number of content headlines, for example, and their placement on the page relevant to press releases, financial information, and weather updates). Additionally, flexible color options are almost always appreciated because people do have personal preferences. If you have a set of defined colors within a corporate palette, ask your design team to recommend alternative schemes for color selection within their design. If it's just a matter of creating three Cascading Style Sheets and letting users select among them; the technology isn't difficult, and the reward will be substantial.

Giving a user control over even slight aspects of their interface from an information layout perspective (while keeping all possible options within the greater framework of your designed templates) empowers users to customize their experiences and make it personal. When this happens, their satisfaction and utility from the site will likely increase as well.



Previous page
Table of content
Next page
Practical Intranet Development
Practical Intranet Development
ISBN: 190415123X
EAN: 2147483647
Year: 2006
Pages: 124
Authors: John Colby, Inigo Surguy, Rudiger Voigt, Jeffrey Haas, Frank C. Pappas
BUY ON AMAZON
CISSP Exam Cram 2
The .NET Developers Guide to Directory Services Programming
Java How to Program (6th Edition) (How to Program (Deitel))
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
Microsoft VBScript Professional Projects
Python Standard Library (Nutshell Handbooks) with
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy