EduCloud Auth (SSO) status 17-3-2015

Transcript

1. EduCloud Auth – Status 17.3.2015

2. Proxy IdP – (Current) Architecture Proxy IdP is the main

   gateway between Service Providers (SPs) and Authentication Providers (APs) – APs provide static & unique (in AP context) AuthnID for Proxy IdP – Proxy IdP exploits the AuthnID for resolving global student ID and role attributes for SPs Proxy IdP uses RoleDB for the student ID and attributes resolution Prerequisite: users have registered their desired AP(s) to RoleDB – https://github.com/educloudalliance/educloud-sso/wiki/Authn-Selector-Service 2

3. 3

4. Proxy IdP – Current Status An instance is running in

   CSC’s Pouta cloud – Implementation currently based on Shibboleth IdP v2 Already connected to AOL, Google, LinkedIn, Twitter and Windows Live (Hotmail) Existing EduCloud SSO (2014 pilot) will be added as a trusted SP before next meeting RoleDB connection is under construction 4