[#XCI-444] XSEDE's Web SSO for locally install applications does not require users to authenticate with XSEDE
|
|
| Status: |
Proposed |
| Project: |
XSEDE Cyberinfrastructure Integration |
| Component/s: |
None
|
| Fix Version/s: |
None
|
|
Type:
|
XCI Documentation
|
Priority:
|
Major
|
|
Reporter:
|
Lee Liming
|
Assignee:
|
Unassigned
|
|
Resolution:
|
Unresolved
|
Votes:
|
0
|
| XSEDE Priority: |
-
|
| Public activity link: |
https://software.xsede.org/display/xci-444
|
| Devel Repository: |
Show
https://software.xsede.org/svn/xci/activities/xci-444/trunk/
|
| Effort and Costs: |
| Staff Name (Lastname, Firstname) |
Effort (person weeks) |
Roles or Contributions |
Status |
| <Activity Lead Name – Last, First> |
6 |
six weeks of effort to lead and implement the activity (required) |
none |
| <User Doc Drafter – Last, First> |
0.2 |
one day of effort to draft user documentation (required ) |
none |
| TBD (tester) |
1 |
one week of effort to test the software |
none |
| ... |
... |
.. |
none |
|
| Deliverables: |
| Due by |
Activity Deliverable |
| DSR |
Design document* |
| TRR |
Implemented Software Capability |
| TRR |
Other type of deliverable |
| TRR |
Deployment plan* |
| TRR |
Test plan* |
| TRR |
User documentation* |
| TRR (post) |
TRR Baseline* (Shava) |
| Deployment |
Deployment Baseline* (Shava) |
| Deployment |
Test Report* (Shava) |
- Click on "Deliverables" tab for URL.
|
| Lead Tester: |
Shava Smallen
|
|
Use case IDM-07 describes a locally installed application asking the user to authenticate using his/her XSEDE username and password. The current capability delivery plan (CDP) for this use case recommends using Globus Auth's native application feature to accomplish this. This solution has the following properties.
- Users can certainly authenticate with XSEDE when prompted by the application, but they can also authenticate using other identity providers if they prefer.
- The application can require that the user be registered with XSEDE, in which case the application will receive the user's XSEDE username and profile data, regardless of which identity provider the user chooses to authenticate with.
- This solution does not currently allow applications to require that the user authenticate with a specific identity provider (in this case, XSEDE).
Globus has recently added features to Globus Auth that can allow applications to require users to authenticate with a specific identity provider. But XSEDE has not yet integrated this into its solution for locally installed applications.
|
There are comments for XCI-444 that can be viewed with XSEDE authentication.
