Versions Compared

Old Version 10

changes.mady.by.user Lukas Haemmerle

Saved on

compared with

New Version 11

changes.mady.by.user Lukas Haemmerle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
titleTechnical details

Please describe the technical details for this pilot.

<Enter here>

The current eduTEAMS Discovery Service (will be renamed to eduGAIN Discovery Service most likely) is operated on http://discovery.eduteams.org (several physically distributed servers) and a test instance on http://ds-test.eduteams.org/. Its software is the CESNET SAML2 Discovery Service implementation. Even though the service is not considered yet a production service according to the GEANT PLM (because it is neither part of the eduTEAMS or eduGAIN service currently), the service has been operated as managed service on the same production hardware by CESNET that CESNET uses for their own production Discovery Service. The three main features that distinguish this implementation from others are:

  • Privacy awareness: The operator of the DS does not know which organisation the user is from after the user made his choice
  • Embeddable: The DS can be embedded with a JavaScript on any web page
  • Filtering: The IdPs listed in the DS can be filtered according to federation, entity categories or individually by adding a proprietary filtering expression to the URL to load the DS from. The filter can be created in a specific filter user interface.

The Discovery Service documentation (for SP administrators) is on the GEANT wiki.


What is the business case for this Incubator project? Who would be customers of this solution and what would potential business look like?
Panel
titleBusiness case
case

The long term goal of this pilot is to contribute to a state-of-the-art, userfriendlyuser-friendly, SAML2-compliant default IdP Discovery Service that eduGAIN Service Providers can use (alternatively to operating their own Discovery Service or rely on a federation-specific one). The This Discovery Service can be delivered as either of these:

  • fully operated by the RA21 interest group that GEANT is a prominent member of
  • using a custom (GEANT/eduGAIN-branded) front-end of the RA21 service 
  • independent Discovery Service (e.g. the CESNET implementation) that interacts with the RA21 service via their API

Part of the work of this pilot will identify the best approach of the above.

...