AAA & CAA Clubs

 

Project:  AAA Remote Sign In
Date:
URL: Various - requires valid member number

Business Need

Most AAA and CAA websites have become more sophisticated over the years and offer services that aren't available on the AAA Enhanced Server (AES). However, there are, and likely always will be, features and services provided by the AES that cannot be offered elsewhere, either for functional or economic reasons. Many of these services are restricted to AAA/CAA Members only, while Member validation is performed on the Club server. Validation information therefore has to be passed between the servers so that the Member does not have to log in to two separate machines.

Challenges

As with any authentication system, this process must be secure so that only Members with the correct credentials may view the restricted content. It must also protect Members' personal information. And last but not least, it must be easy to use. For example, if a User has created an online TripTik on the AAA.com server and wishes to save it, she should be able to log in to the club server and then be redirected back to the AAA.com server with the newly created TripTik available to be saved.

Solution

Newland utilized AAA National's Remote Sign In function. In the example above, we store the return URL (with the created TripTik) before leading the user through the registration and/or login process on the club server. Once that has been completed successfully, we encrypt the member's credentials before returning her to the TripTik. This encryption not only protects the personal information, but also prevents an imposter from copying the data and impersonating the Member.
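A sketch of the hand-off described above, as an added example that is not Newland's or AAA National's code: the club server seals the member number into a token that the receiving server opens. The token layout, key handling, five-minute lifetime, class and method names are assumptions; the HMAC and timestamp are additions beyond the Blowfish encryption the page names, included so that an altered or replayed token is rejected.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
public class RemoteSignInToken {
    static final long MAX_AGE_MS = 5 * 60 * 1000; // assumed token lifetime
    // Club server side: seal "memberNumber|issuedAtMillis" as IV || ciphertext || HMAC.
    static String seal(String memberNumber, long nowMs, byte[] encKey, byte[] macKey) throws Exception {
        byte[] iv = new byte[8]; // Blowfish block size is 64 bits
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encKey, "Blowfish"), new IvParameterSpec(iv));
        byte[] body = concat(iv, c.doFinal((memberNumber + "|" + nowMs).getBytes(StandardCharsets.UTF_8)));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(concat(body, hmac(macKey, body)));
    }
    // Receiving server side: check the MAC first, then decrypt, then reject stale tokens.
    static String open(String token, long nowMs, byte[] encKey, byte[] macKey) throws Exception {
        byte[] raw = Base64.getUrlDecoder().decode(token);
        if (raw.length < 8 + 8 + 32) throw new SecurityException("token too short");
        byte[] body = Arrays.copyOfRange(raw, 0, raw.length - 32);
        byte[] tag = Arrays.copyOfRange(raw, raw.length - 32, raw.length);
        if (!MessageDigest.isEqual(tag, hmac(macKey, body))) throw new SecurityException("bad MAC");
        Cipher c = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encKey, "Blowfish"), new IvParameterSpec(body, 0, 8));
        String[] parts = new String(c.doFinal(body, 8, body.length - 8), StandardCharsets.UTF_8).split("\\|");
        long age = nowMs - Long.parseLong(parts[1]);
        if (age < 0 || age > MAX_AGE_MS) throw new SecurityException("token expired");
        return parts[0];
    }
    static byte[] hmac(byte[] key, byte[] data) throws Exception {
        Mac m = Mac.getInstance("HmacSHA256");
        m.init(new SecretKeySpec(key, "HmacSHA256"));
        return m.doFinal(data);
    }
    static byte[] concat(byte[] a, byte[] b) {
        byte[] out = Arrays.copyOf(a, a.length + b.length);
        System.arraycopy(b, 0, out, a.length, b.length);
        return out;
    }
    public static void main(String[] args) throws Exception {
        byte[] encKey = "constructed-key1".getBytes(StandardCharsets.UTF_8);    // demo key only
        byte[] macKey = "constructed-mac-key".getBytes(StandardCharsets.UTF_8); // demo key only
        long t0 = System.currentTimeMillis();
        String token = seal("0000000000000000", t0, encKey, macKey); // constructed member number
        System.out.println("fresh:  " + open(token, t0 + 1000, encKey, macKey));
        try { open(token, t0 + MAX_AGE_MS + 1, encKey, macKey); }
        catch (SecurityException e) { System.out.println("replay: " + e.getMessage()); }
    }
}
```

The stored return URL should be kept in the server-side session, as the paragraph above describes, and not carried in the token or the query string, so the redirect target cannot be changed by the client.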

Technology & Tools

Blowfish Encryption, Java, JSP, MySQL and HTML.