Versions Compared

Old Version 1

changes.mady.by.user Simone Visconti

Saved on

compared with

New Version Current

changes.mady.by.user Simone Visconti

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...wip...

Description

WaTTS activity is to provide a token translation functionality. It allows service. Its purposeful design is to facilitate usage and integration of legacy services, such as SSH enabled services and services that consume various credentials. Examples are services requiring SSH keys or services requiring the use of X.509 certificates, with federated identities.  For For this, WaTTS accepts can be accessed using federated identities (via OpenID Connect) and uses a plugin scheme to generate necessary credentials for your service. This the desired service. For source of federated identities that do not use OIDC, it is recommend to integrate WaTTS with one of the existing SP-IdP-Proxy solutions, as WaTTS on its own does not support SAML. This allows users to access services that support only non-federated authentication mechanisms , using their federated identities. Relying Services can subscribe to the credential translation service of the Life Science AAI provided by WaTTS, allowing the users to obtain X.509 certificates based on their Life Science IDs. WaTTS will provide Via WaTTS, after obtaining a certificate from RCauth.eu online CA, the credential is stored as a proxy certificate in a trusted credential store connected , and subsequently provided to the RCauth.eu online CA and through SSH. Additional plugins for common services already exist to support additional legacy user. User can also upload its SSH public key, with which the user can then obtain the proxy certificate via command line. Additional plugins are also present to support other services.

WaTTS is developed by KIT with funding from INDIGO, and for LS AAI pilot is operated as a service through from EUDAT and KIT.

User Guide

At the following link is available a complete guide related to WaTTS.

https://watts-dev.data.kit.edu/docs/user/index.html

Code Guide

A complete guide related to WaTTS codes and function is available at the following link:

https://watts-dev.data.kit.edu/docs/code/index.html

Plugins

The service has been extended with two plugins, to allow the of OIDC login to access services via ssh and RCauth.

Those two plugins are the results of two separate AARC1 pilots. Both are well documented and described at the following links:

WaTTS SSH plugin: WaTTS SSH plugin - SSH access using OIDC login

WaTTS RCauth plugin: WaTTS RCauth plugin - Obtaining IOTA proxy certificates with OIDC