Upgrade to Pro — share decks privately, control downloads, hide ads and more …

EduCloud Auth (SSO) status 17-3-2015

EduCloud Auth (SSO) status 17-3-2015

EduCloud Alliance

March 17, 2015
Tweet

More Decks by EduCloud Alliance

Other Decks in Technology

Transcript

  1. EduCloud Auth – Status 17.3.2015

    View Slide

  2. Proxy IdP – (Current) Architecture
    Proxy IdP is the main gateway between Service
    Providers (SPs) and Authentication Providers (APs)
    – APs provide static & unique (in AP context) AuthnID for Proxy IdP
    – Proxy IdP exploits the AuthnID for resolving global student ID and
    role attributes for SPs
    Proxy IdP uses RoleDB for the student ID and attributes resolution
    Prerequisite: users have registered their desired AP(s)
    to RoleDB
    – https://github.com/educloudalliance/educloud-sso/wiki/Authn-Selector-Service
    2

    View Slide

  3. 3

    View Slide

  4. Proxy IdP – Current Status
    An instance is running in CSC’s Pouta cloud
    – Implementation currently based on Shibboleth IdP v2
    Already connected to AOL, Google, LinkedIn, Twitter
    and Windows Live (Hotmail)
    Existing EduCloud SSO (2014 pilot) will be added as a
    trusted SP before next meeting
    RoleDB connection is under construction
    4

    View Slide