Here are a few notes from my end and some questions for the group.
It sounded liked there was interest in a central repository of form
information and including some basic form styles and elements in the
templates would be useful. A general feedback form seems like a good
starting point. What other types of form or multi-element form parts
(i.e. EFS) might be good to include and would serve a broad audience?
For those of you using a tool to help generate forms and client-side
or server-side validation, what tools are you using? Web Form
Factory may be generating again and provides a solid start for
simple forms, as a I recall (PHP only).
On utilizing central authentication and LDAP to improve the UX of
form by pre-populating info, it doesn't seem like we landed on
anything with regard to security considerations. If someone is
signed in, and would be forced to sign in if they weren't, what are
the issues with pre-populating fields using information about the
user that's publicly available in LDAP? Here's an example of what
might be returned.
Anyone from OIT Security on the list who can shed some light on this?
As Chris suggested, you could attempt to pre-populate fields for
logged in users, but not requiring people to login. Switch to HTTPS,
get their cookieauth cookie, run it up against the central auth hub
to get their Internet ID, and then query that. Are there different
security implications for pre-populating fields in this case?
Of course, directory-suppressed students won't be found in public
searches of LDAP.
Central auth info
Accessible anti-spam techniques
Good read on validation
University of Minnesota
[log in to unmask]
"I gotta hold on to my angst. I preserve it because I need it. It
keeps me sharp, on the edge, where I gotta be." - V. Hanna