JIRA Issue
[XCI-339] Replace weblogin.xsede.org with CILogon and idp.xsede.org Created: 02/26/2018 Updated: 07/12/2018 |
|
| Status: | Proposed |
| Project: | XSEDE Cyberinfrastructure Integration |
| Component/s: | CILogon, Globus Auth, XSEDE InCommon Identity Provider (IdP), XSEDE User Portal (XUP) |
| Fix Version/s: | None |
| Type: | Task | Priority: | Normal |
| Reporter: | Lee Liming | Assignee: | Lee Liming |
| Resolution: | Unresolved | Votes: | 0 |
| Issue Links: |
|
||||||||||||
| XSEDE Priority: | - | ||||||||||||
| Planned Complete Date: | |||||||||||||
| Public activity link: | https://software.xsede.org/display/xci-339 | ||||||||||||
| Use Cases: |
CAN-06: Authenticate to one or more SP resources, SP services, and XSEDE central services
|
||||||||||||
| Track status in meeting: | yes | ||||||||||||
| Description |
|
The Globus Auth service, which provides XSEDE's Web SSO mechanism, relies on an XSEDE OIDC identity provider (IDP) to authenticate XSEDE users using their XSEDE username and password. The currently configured XSEDE IDP in Globus is weblogin.xsede.org, which is operated by the University of Chicago's Globus team. NCSA has recently begun operating an InCommon (SAML-based) IDP for XSEDE, named idp.xsede.org. Although this InCommon IDP doesn't support OIDC, the CILogon service (also operated by NCSA) provides translation between SAML and OIDC for >400 academic institutions, and could easily do the same for XSEDE. We need to explore our options regarding replacing weblogin.xsede.org with CILogon translating idp.xsede.org into OIDC. |
| Comments |
There are comments for XCI-339 that can be viewed with XSEDE authentication.
© XSEDE All Rights Reserved. Visit the Feedback page for assistance or to provide feedback.
The Extreme Science and Engineering Discovery Environment is supported by the National Science Foundation.
Administrative Login