Jaime Pérez Lyon, February 2011

Presentation transcript:

Jaime Pérez Lyon, February 2011

Goals
– The ability to monitor the status of the Identity and/or Service Providers of a working federation.
– To have a monitoring platform that allows us to manage alerts, reports, graphs, statistics, and so on.

Requirements
– It must be compatible with our running infrastructure, based on Nagios.
– It must be independent of the underlying technology.

Challenge 1: find suitable tools
– We started by looking for the tools that best fit the requirements. More specifically, we needed software that can automate the behaviour of a user and their web browser.
– We chose Apache JMeter. Originally intended as a load-testing tool, it is well suited to simulating and evaluating navigation through web applications, and although it lacks JavaScript support, it provides mechanisms to work around that.

What does it look like?

Automated use of JMeter
– First we developed a test plan that simulates a login through our federation: it authenticates and returns to a specially crafted SP.
– Then we ran this test plan on a dedicated machine by means of the JMeter command line interface.
– We also considered using a farm of JMeter servers that receive the test plans and run them.

Automated use of JMeter
– Since it is desirable to have just one plan for all monitored IdPs, we designed it with macros and variables that we change at runtime to fit the specific details of each IdP. That is:
– Username
– Password
– The names of the input fields of the login form
– A cookie to bypass the WAYF and go directly to an IdP.

Challenge 2: integrate with Nagios
– Once we were able to test each IdP individually, we needed a way to run the tests and get the results in a format suitable for Nagios.
– We developed a shell script that receives the variables mentioned before as command line parameters, modifies the test plan at runtime, runs JMeter with it and evaluates the output to translate it into a Nagios service status and performance data.

Challenge 2: integrate with Nagios
– It is flexible enough to allow us to evaluate the settings of an IdP, for instance by looking for some mandatory attributes and triggering a warning if any of them is missing.
– It also allows us to perform security tests, like making sure a non-existent user is unable to log in successfully to an IdP.
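
The wrapper described in the two slides above, as an added example in shell; it is not the authors' script. It assumes the test plan reads the credentials and form-field names as JMeter properties from a file passed with `-q` (instead of being rewritten at runtime) and ends with an assertion that passes only after a successful login; `evaluate_jtl`, `check_idp` and the sample results are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the authors' script): Nagios wrapper for a JMeter login plan.
# evaluate_jtl FILE EXPECT WARN_MS
#   EXPECT   "success" for a normal login; "failure" for the negative test,
#            where a non-existent user must not be able to log in
#   WARN_MS  total elapsed time (ms) above which the state is WARNING
# Prints a Nagios status line with perfdata; assumes no field contains a comma.
evaluate_jtl() {
    [ -r "$1" ] || { echo "UNKNOWN - no JMeter results in $1"; return 3; }
    awk -F, -v expect="$2" -v warn="$3" '
        NR == 1 { for (i = 1; i <= NF; i++) col[$i] = i; next }
        { n++; total += $(col["elapsed"])
          if ($(col["success"]) != "true" && failed++ == 0) step = $(col["label"]) }
        END {
            if (!n) { print "UNKNOWN - empty JMeter results"; exit 3 }
            perf = sprintf("|time=%dms;%d samples=%d failed=%d", total, warn, n, failed)
            if (expect == "failure") {
                if (!failed) { print "CRITICAL - login accepted for a user that must be rejected" perf; exit 2 }
                print "OK - login rejected as expected" perf; exit 0
            }
            if (failed) { print "CRITICAL - failed at step: " step perf; exit 2 }
            if (total > warn) { print "WARNING - login took " total "ms" perf; exit 1 }
            print "OK - login completed in " total "ms" perf
        }' "$1"
}

# check_idp PLAN PROPS EXPECT WARN_MS: run the plan headless and evaluate it.
# PROPS is a property file (mode 0600) with the per-IdP values; passing it with
# -q keeps the monitoring credentials out of the process list.
check_idp() {
    dir=$(mktemp -d) || { echo "UNKNOWN - mktemp failed"; return 3; }
    jmeter -n -t "$1" -q "$2" -l "$dir/result.jtl" \
        -Jjmeter.save.saveservice.output_format=csv \
        -Jjmeter.save.saveservice.print_field_names=true >/dev/null 2>&1
    evaluate_jtl "$dir/result.jtl" "$3" "$4"; rc=$?
    rm -rf "$dir"
    return "$rc"
}

# Constructed sample results (not real monitoring output).
sample=$(mktemp)
cat > "$sample" <<'EOF'
timeStamp,elapsed,label,responseCode,success
1300000000000,210,SP protected page,302,true
1300000000210,540,IdP login form,200,true
1300000000750,380,SP attribute page,200,true
EOF
evaluate_jtl "$sample" success 3000
```

In `failure` mode an unreachable IdP also produces failed samples, so the negative check is only meaningful alongside the positive check for the same IdP.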

Achievements
– 14 IdPs already being monitored, and the number is increasing.

Achievements

To sum up:
– User-experience-based federation monitoring: we simulate users and browsers, so if the monitoring says an IdP is working, then we can guarantee it is really working.
– Technology independent: though it is adapted to our running infrastructure, it doesn't know anything about the underlying technology, and in fact supports several protocols mixed together.
– Want more info? Ask for the extended abstract!