...
source: VOpaas_architecture_v2.odp
COmanage
COmanage delivers the VO Membership service which features:
...
Next to the CO-DB and AA-DB, a ACL-DB is filled to let the VO managers select which SPs should get what data from the VO. THis information is used to filter the data in the AAs.
SAML AA
The SAML AA implements the SAML attribute Query protocol. It is basically a Shibboleth IdP which reads attribute data from MySQL.
(Example implementation, see https://wiki.surfnet.nl/display/ORCIDAA/Technical+Setup, chapter 2)
VOOT AA
the VOOT AA is a RESTfull, OAuth2 shielded resource providing group and attribute information using the VOOT protocol. Example implementation (https://github.com/OpenConextApps/php-voot-provider)
...