Presentation is loading. Please wait.

Presentation is loading. Please wait.

VOMRS/VOMS-Admin 2.0.x 2.5.x comparison Mar 28, 2008 Middleware Security Group Meeting Tanya Levshina and Gabriele Garzoglio Computing Division, Fermilab.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "VOMRS/VOMS-Admin 2.0.x 2.5.x comparison Mar 28, 2008 Middleware Security Group Meeting Tanya Levshina and Gabriele Garzoglio Computing Division, Fermilab."— Presentation transcript:

1 VOMRS/VOMS-Admin 2.0.x 2.5.x comparison Mar 28, 2008 Middleware Security Group Meeting Tanya Levshina and Gabriele Garzoglio Computing Division, Fermilab Overview Converging on a Common VO Membership Registration Solution VOMRS / VOMS-Admin features/requirements comparison

2 Converging on a Common VO Membership Registration Solution We have a small community and 2 user registration solutions: VOMRS and VOMS-admin VOMS-admin is emerging as a valuable alternative to VOMRS, but there are VOMRS requirements not addressed in VOMS-admin (see later) We encourage a path where we converge on a single comprehensive solution for our community We are committed to supporting all fundamental VOMRS requirements of our stakeholders

3 Implementation Details NamePersistence layer based on TechnologiesWeb services VOMRSoracle/mysql driversJava Java servlet Javascript CSS Provides WSDL interface to its functions VOMS-ADMIN 2.x.xhibernateJava Java servlet Javascript CSS Struts Provides WSDL interface to its functions

4 VOMRS/VOMS features comparison (I) VOMRSVOMSComments 2.02.5 Member’s statusNo In voms 2.5 member’s status is defined by status of member certificates. It is required more work for VO Admin in order to suspend a member, also it is unclear from the certificate status why it has Expired status. It could be due to certificate expiration date or because vo membership is expired. Initial requirements for VOMRS. Multiple certificates per memberNoYesInitial requirements for VOMRS. Member’s certificate statusNoYesVOMS 2.5 will also dynamically update certificate expiration data and notify user Member institutional expirationNo VOMRS could extract institutional expiration from third-party application, when configured to talk to third-party directory. Requested by CERN. VO membership expiration (bound to AUP version) NoYesRequested by GDB Member’s ability to request approval for a new certificate NoYesRequested by 4 major experiments (CMS, Atlas, Alice, Lhcb) Member’s ability to request membership in a group NoYesRequested by 4 major experiments Member’s ability to request assignment of group role NoYesRequested by 4 major experiments Member’s VOMS GAYes Requested by 4 major experiments Group membership access (Open/Restricted)No Requested by 4 major experiments

5 VOMRSVOMSComments 2.02.5 Group definitionNo Requested by 4 major experiments Group role membership access (Open/Restricted) No Requested by 4 major experiments Group role definitionNo Requested by 4 major experiments Ability to attach group role to groupNo Requested by 4 major experiments Dynamic list of collected personal informationNo Initial requirements for VOMRS. VOMS-Admin collects predefined information: Email Institute Phone number But voms-admin 2.5 could embed shibboleth attributes inside VOMS ACs Event subscriptionNo Initial requirements for vomrs. Interfacing third-party directory during registration No VOMRS -> CERN HR DB: checks CERN registration and membership in a particular experiment. Requested by CERN. Interfacing third-party directory during membership validation No VOMRS -> CERN HR DB: checks cern registration expiration, cern email. Requested by CERN. Sending subscription events to a third-partyNo Sending relevant information to SAM DH system (DZero VO). Requested by Fermilab. AUP management and versioningNoYesRequested by GDB VOMRS/VOMS features comparison (II)

6 VOMRSVOMSComments 2.02.5 Various VO administrators with well defined responsibilities and rights (defined by administrative roles and permission to execute service) The permission is set via ACL (Context, Principal, Permission) Yes, will be implemented via tags and tasks Initial requirements for VOMRS Registration workflowPartiallyUnclearInitial requirements for VOMRS. In VOMS 2.0 only VO Admin can approve member. Based on introduction of admin roles in VOMS 2.5 it will probably be implemented Configurable online help in web uiNo On todo list for voms 2.5 Access to AUP (embedded into web page or url) NoURL onlyAUP url access is requested by Fermilab, locally stored AUP is requested by GDB Web UI: Sortable output, selectable output informantion No, but pagination is implemented Initial requirements for VOMRS Ability to execute actions for multiple user simultaneously No Requested by multiple VO administrators Authorization-aware web uiYes Initial requirements for VOMRS VOMRS/VOMS features comparison (III)

Download ppt "VOMRS/VOMS-Admin 2.0.x 2.5.x comparison Mar 28, 2008 Middleware Security Group Meeting Tanya Levshina and Gabriele Garzoglio Computing Division, Fermilab."

Similar presentations

New Release Announcements and Product Roadmap Chris DiPierro, Director of Software Development April 9-11, 2014

New Release Announcements and Product Roadmap Chris DiPierro, Director of Software Development April 9-11, 2014
Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.

Dec 14, 20061/10 VO Services Project – Status Report Gabriele Garzoglio VO Services Project WBS Dec 14, 2006 OSG Executive Board Meeting Gabriele Garzoglio.
2013 Texas Ad Astra Summit Monday, July 22 nd What’s New in 7.5 for Event Scheduling Presented by: Kelly Hollowell, Manager of Education, Ad Astra.

2013 Texas Ad Astra Summit Monday, July 22 nd What’s New in 7.5 for Event Scheduling Presented by: Kelly Hollowell, Manager of Education, Ad Astra.
Edoclite and Managing Client Engagements What is Edoclite? How is it used at IU? Development Process?

Edoclite and Managing Client Engagements What is Edoclite? How is it used at IU? Development Process?
Holding slide prior to starting show. Supporting Collaborative Working of Construction Industry Consortia via the Grid - P. Burnap, L. Joita, J.S. Pahwa,

Holding slide prior to starting show. Supporting Collaborative Working of Construction Industry Consortia via the Grid - P. Burnap, L. Joita, J.S. Pahwa,
Computer Monitoring System for EE Faculty By Yaroslav Ross And Denis Zakrevsky Supervisor: Viktor Kulikov.

Computer Monitoring System for EE Faculty By Yaroslav Ross And Denis Zakrevsky Supervisor: Viktor Kulikov.
The Solution to Your Product Problems. Overview - What is PDS? ➲ Project Management System ➲ Web Based Easy to use Scalable ➲ Streamlined tools for software.

The Solution to Your Product Problems. Overview - What is PDS? ➲ Project Management System ➲ Web Based Easy to use Scalable ➲ Streamlined tools for software.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
SubVersioN – the new Central Service at DESY by Marian Gawron.

SubVersioN – the new Central Service at DESY by Marian Gawron.
Shop 9000 Product Review 2007 Visual User Group Nov 21 st 2007.

Shop 9000 Product Review 2007 Visual User Group Nov 21 st 2007.
Windows.Net Programming Series Preview. Course Schedule - 2014 CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.

Windows.Net Programming Series Preview. Course Schedule CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.
6/1/2001 Supplementing Aleph Reports Using The Crystal Reports Web Component Server Presented by Bob Gerrity Head.

6/1/2001 Supplementing Aleph Reports Using The Crystal Reports Web Component Server Presented by Bob Gerrity Head.
Employee Self Service (ESS) Version 2.04.0.0. Employee Self Service  access from any computer  view their elected withholding, earnings summary, check.

Employee Self Service (ESS) Version Employee Self Service  access from any computer  view their elected withholding, earnings summary, check.
Screen Snapshot Service Kurt Biery SiTracker Monitoring Meeting, 23-Jan-2007.

Screen Snapshot Service Kurt Biery SiTracker Monitoring Meeting, 23-Jan-2007.
Global Customer Partnership Council Forum | 2008 | November 18 1IBM - GCPC MeetingIBM - GCPC Meeting IBM Lotus® Sametime® Meeting Server Deployment and.

Global Customer Partnership Council Forum | 2008 | November 18 1IBM - GCPC MeetingIBM - GCPC Meeting IBM Lotus® Sametime® Meeting Server Deployment and.
RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.

RECALL THE MAIN COMPONENTS OF KIM Functional User Interfaces We just looked at these Reference Implementation We will talk about these later Service Interface.
VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.

VOX Project Status T. Levshina. Talk Overview VOX Status –Registration –Globus callouts/Plug-ins –LRAS –SAZ Collaboration with VOMS EDG team Preparation.
Engineering Data Management System CERN Drawing Directory overview - Stephan Petit - CERN EST/ISS - LHC Auditorium - 09.04.1998 - 10:00 CERN DRAWING DIRECTORY.

Engineering Data Management System CERN Drawing Directory overview - Stephan Petit - CERN EST/ISS - LHC Auditorium :00 CERN DRAWING DIRECTORY.
May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,

May 8, 20071/15 VO Services Project – Status Report Gabriele Garzoglio VO Services Project – Status Report Overview and Plans May 8, 2007 Computing Division,
Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.

Apr 30, 20081/11 VO Services Project – Stakeholders’ Meeting Gabriele Garzoglio VO Services Project Stakeholders’ Meeting Apr 30, 2008 Gabriele Garzoglio.

Similar presentations

Ads by Google