Presentation is loading. Please wait.

Presentation is loading. Please wait.

EduGain Federation – Web SSO

Published byLorin Barnett Modified over 9 years ago

Similar presentations

Presentation on theme: "EduGain Federation – Web SSO"— Presentation transcript:

1 EduGain Federation – Web SSO
CERN SSO EduGain Bruno Bompastor: CERN Cloud Report

2 Horizon’s View of EduGain
Presents Web SSO to user Login successful with attributes e.g. Map attributes to groups e.g. grouplist=indigo-dataclouds-admin Map groups to roles e.g. project member of “EU Indigo DataClouds” Bruno Bompastor: CERN Cloud Report

3 Bruno Bompastor: CERN Cloud Report
Federation using SAML Works with CLI access using SAML/ECP Bruno Bompastor: CERN Cloud Report

4 Keystone to Keystone Federation
Needs Kilo+ for Keystone to become an IdP Administrator Establishes trust between CERN cloud and INFN cloud Defined mappings INFN User Authenticates against INFN cloud Keystone CERN cloud Keystone accepts his token for defined roles in a project Bruno Bompastor: CERN Cloud Report

5 Bruno Bompastor: CERN Cloud Report
Public cloud support 30 public cloud vendors and distributions announced support by EOY 2015 Rackspace IBM HP Bruno Bompastor: CERN Cloud Report

6 Multiple authentication protocols
Bruno Bompastor: CERN Cloud Report

7 Bruno Bompastor: CERN Cloud Report
X.509, Kerberos and VOMS OS_AUTH_TYPE end user variable in unified CLI v3Kerberos v3x509 CERN cloud supports X.509 and Kerberos using REMOTE_USER Environment variable set to give authentication method Apache authenticates for the URL and passes user id etc to the Keystone service Potential to support VOMS via same mechanism Alvaro Garcia (CSIC) will update EGI FC support in Keystone during the summer Bruno Bompastor: CERN Cloud Report

Download ppt "EduGain Federation – Web SSO"

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
Identity Network Ideals – Heterogeneity & Co-existence

Identity Network Ideals – Heterogeneity & Co-existence
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Service Bus Service Bus Access Control.

Service Bus Service Bus Access Control.
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
WebFTS as a first WLCG/HEP FIM pilot

WebFTS as a first WLCG/HEP FIM pilot
Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.

Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.
Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.

Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.
CERN Cloud Infrastructure Report 2 Bruno Bompastor for the CERN Cloud Team HEPiX Spring 2015 Oxford University, UK Bruno Bompastor: CERN Cloud Report.

CERN Cloud Infrastructure Report 2 Bruno Bompastor for the CERN Cloud Team HEPiX Spring 2015 Oxford University, UK Bruno Bompastor: CERN Cloud Report.
Federated A(A(A))I Jens Jensen hepsysman, RAL, 20110701.

Federated A(A(A))I Jens Jensen hepsysman, RAL,
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
1 World-Leading Research with Real-World Impact! Authorization Federation in IaaS Multi Cloud Navid Pustchi, Ram Krishnan and Ravi Sandhu SCC 2015.

1 World-Leading Research with Real-World Impact! Authorization Federation in IaaS Multi Cloud Navid Pustchi, Ram Krishnan and Ravi Sandhu SCC 2015.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t OIS CERN Single Sign-On Summer 2012 Updates Emmanuel.

Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS CERN Single Sign-On Summer 2012 Updates Emmanuel.
Single Sign-On Multiple Benefits via Alaska K20 Identity Federation 20 May 2011 BTOP Partner Meeting Anchorage, Alaska 20 May 2011 BTOP Partner Meeting.

Single Sign-On Multiple Benefits via Alaska K20 Identity Federation 20 May 2011 BTOP Partner Meeting Anchorage, Alaska 20 May 2011 BTOP Partner Meeting.
1 Multi Cloud Navid Pustchi April 25, 2014 World-Leading Research with Real-World Impact!

1 Multi Cloud Navid Pustchi April 25, 2014 World-Leading Research with Real-World Impact!
Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.

Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.
SharePoint Security Fundamentals Introduction to Claims-based Security Configuring Claims-based Security Development Opportunities.

SharePoint Security Fundamentals Introduction to Claims-based Security Configuring Claims-based Security Development Opportunities.
Shibboleth 2.0 IdP Training: Authentication January, 2009.

Shibboleth 2.0 IdP Training: Authentication January, 2009.
Authentication. 2 © 2010 SWITCH Terms: Authentication Mechanism A concrete mechanism used to authenticate a user. Shibboleth 2 currently supports REMOTE_USER,

Authentication. 2 © 2010 SWITCH Terms: Authentication Mechanism A concrete mechanism used to authenticate a user. Shibboleth 2 currently supports REMOTE_USER,

Similar presentations

Ads by Google