The iFriend service allows users external to the School of Informatics to
obtain credentials allowing access to some of our systems. As such, it is
important for service managers to ensure that iFriend users don't obtain
access to systems which they should not be using.
iFriend for the Web
iFriend users will be able to access DICE web services which are authenticated
via cosign. If you do not wish iFriend users to access your service, you should
either set the CosignRequireFactor directive to INF.ED.AC.UK,
or you should implement authorization controls, either to a specific list, or
denying users with an '@' or '%' sign in their username.
iFriend for the command line
iFriend users cannot currently use command line applications with their
iFriend accounts - this document will be updated when this functionality