80 likes | 189 Views
Federation Security. Jens Jensen, STFC. contrail is co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 . 0 1. OpenID. Shib. SSPhp. Username/password. Web. CA. Fed. DB. Federation layer (previous). OpenID. Shib. SSPhp. Username/password. DB.
E N D
Federation Security Jens Jensen, STFC contrailis co-funded by the EC 7th Framework Programme under Grant Agreement nr. 257438 contrail-project.eu 01
OpenID Shib SSPhp Username/password Web CA Fed DB Federation layer (previous)
OpenID Shib SSPhp Username/password DB OAuth2 Auz CA OAuth2 ResSvr Web Prov Mgr. Federation layer (new)
What’s New • Tighter Integration with OAuth2 • OAuth2 used for certificate delegation • Not everything works with GSI proxies • See complete example in IDEL-WG session • This presentation focuses on the login session • Login to OAuthAuzSvr
Experiences with reuse – EUDAT • Need customisation for community portals • Command line login – Shib. OpenID. • ShibIdPs limitations • Publishing inconsistently • ePTID maybe not sufficient • Integrate with community portals • Two portals – EUDAT and community – or integrate portals • Data staging – need uniformly accepted credentials, or ...
Code Yes, it is open source contrail.ow2.org
contrail is co-funded by the EC 7th Framework Programme http://contrail-project.eu Funded under: FP7 (Seventh Framework Programme) Area: Internet of Services, Software & virtualization (ICT-2009.1.2) Project reference: 257438 Total cost: 11,29 million euro EU contribution: 8,3 million euro Execution: From 2010-10-01 untill 2013-09-30 Duration: 36 months Contract type: Collaborative project (generic) contrail-project.eu 08