Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


The online CA is a service provider which has entered eduGAIN, and has as CA been accredited by IGTF (as a so-called IOTA CA). In order to protect the service, a filtering WAYF has been implemented which only accepts Identity Providers that publish the R&S set of attributes and are conforming to the Sirtfi. The combined service is running on a production level. The Master Portals run by EGI and ELIXIR are running as pilot services.

A sustainability study for the model has been produced by AARC-NA3.


We have created two demonstrator Master Portal clients, which talk to a semi-production Master Portal (running for EGI), serviced by the production online CA. We also have setup a test VOMS service with test VO, to test and showcase the integration with a VOMS attribute authority. The two demonstrators are:


The adaptations of the code for this pilot can be found on the github repository.

Additionally Additionally:

  • ansible scripts for setting up a Delegation Server (online CA) or a Master Portal
  • SimpleSAMLPHP has been used to build a filtering WAYF.
  • A VOMS server to run a test VO.
  • some simple PHP clients to test the flow and make a demonstrator.