Ask Christos, Marcus and Uros to add stuff
Participants
| Name | Organisation |
|---|---|
| Uros Stevanovic | KIT |
| Marcus Hardt | KIT |
#Enter the persons who are participating in the team that works on this Activity - delete this line after using the template#
| Name | Organisation | Role |
|---|---|---|
| Name | Organisation | Role |
|---|---|---|
| Christos Kanellopoulos (stale) | GEANT | eduTEAMS service owner |
Activity overview
Some systems cannot be federated easily per se (e.g. like non-web services, such as login to remote *nix machines, ...) need user accounts to be provisioned before they can login.
We have a prototype of an instant deployment tool (FEUDAL). It facilitates provisioning of user accounts on a per VO basis. It makes use of rabbit-MQ to instantly deploy provisioning and deprovisioning events.
Feudal is based on OIDC: It is an OIDC client, and it simply transports the information of the /userinfo endpiont along.
Feudal is based on the concept of VOs (or authorisation Groups), i.e. the end services provide the information which VOs it supports. Feudal web fronted will only display services for provisioning to a given user based on his VO membership.
Feudal features deprovisioning and comes with a REST interface for programmatic use.
#Please describe the goals of Activity, including what needs to be delivered, participants, the community(ies) that require a solution. Describe when the Activity is done and how to measure the success of it, in a SMART way. - delete this line after using the template#
Goals of the activity are:
- From the FEUDAL perspective:
- Verify the approach taken (VO based approach, architecture)
- Verify the decision of not using SCIM for provisioning (using unmodified /augmented information of the userinfo endpoint instead)
Activity Details
#Please describe the technical details for the Activity. - delete this line after using the template#
<Enter here>
#What is the business case for the Activity? Who would be beneficiaries of the results of the Activity and what would potential business case look like if applicable? - delete this line after using the template#
We’d like to pilot FEUDAL to provide a way for communities or infrastructures to integrate services that require provision of accounts. For this, we will provide the central instance, support on integration of services and consider developing required extensions.
Interest in testing this the context of eduTEAMS
#Are there risks that influence either the implementation of the activity or its outcomes? - delete this line after using the template#
<Enter here>
#How do data protection and privacy impact the Activity? Think about e.g. handling of personal data of users - delete this line after using the template#
<Enter here>
#Please describe here the set of criteria that the product must meet in order to be considered finished. - delete this line after using the template#
<Enter here>
#How are the results of the Activity intended to be used? If this requires further engagement, can you describe how you intent to sustain it? - delete this line after using the template#
<Enter here>
Activity Results
Meetings
Date | Activity | Owner | Minutes |
|---|---|---|---|
January 1, 2017 | Kickoff meeting | ||
Documents