Next JRA1 step AA

From GEANT2-JRA1 Wiki

As agreed in the JRA1's discussion in Poznan, I (Maurizio) asked JRA5 if there is (or will be) a "codebase" that the JRA1 prototype group can access to actually implement an Authentication Server (AS, or "SAP" in JRA5 jargon) in PerfSONAR. Although some JRA5 people did similar job in the past (i.e. helping people to insert AA in specific applications), they are scared about undertaking (as JRA5) the responsibility of coding down all the possible SAP flavours for all possible GN2 activities. And this is understandable. However, I stressed that JRA5's work should go beyond the simple interface specification, if its output must be useful to other GN2 activities. As a mediating point we agreed to take the JRA1's input document we sent to JRA5 last week (the one where we detailed all the 13 JRA1's AA steps..) and expand each step with:

  • 1) The mapping with an eduGAIN (i.e. JRA5) primitive
  • 2) The list of parameters
  • 3) Information of how to implement this (e.g. which java classes will be triggered) and, possibly, a code reference in some simple case.

JRA1 must make the first effort to expand the doc, i.e. provide 1) and 2) (which is pretty much already done), and for 3) precisely state what further information we need. E.g. "we use this technology...(e.g. java...) and we need to know which classes to call, and how to map eduGAIN parameters to these classes...". JRA5 should then complete 3), and provide code examples.

To sum up, we need to be more proactive in the short term (i.e. *ask* the information we need, rather than simply receive some code base and dissect it), but probably the answers we'll get will be more useful to us.

A note: someboby also proposed the alternative that and existing federation, with a running AA service, "adopts" JRA1, in the sense that it provides JRA1 the possibility of registering identitities, and/or define AuthZ policies. This would mean, from perfSONAR point of view, to rely on an an external AS service. To be discussed if such a short term solution can be of any help for perfSONAR

Retrieved from "http://wiki.perfsonar.net/jra1-wiki/index.php/Next_JRA1_step_AA"
Personal tools