Common SAML attribute profile phone meeting 09.28.2010

Attendees: Andrea Ceccanti, Aleksander Konstantinov, Valery Tschopp,Krzysztof Benedyczak, Ali Gholami

Short report

Characterisation of SAML usage in existing middleware

  • No production use of SAML for gLite and ARC.
  • SAML assertions used in UNICORE to carry VO membership attributes that are used for authorization purposes.

Common SAML attribute profile

  • Chemomementum profile a good starting point, but could be simplified.

Requirements

  • Simple mapping of SAML to XACML attributes conforming to the rules of the SAML 2.0 profile of XACML 2.0
  • Definition of generic scope attribute value
  • Definition of VO membership attribute
  • Definition of VO group membership attribute
  • Definition of VO role posession attribute
  • Support for VOMS fqans (bag of fqans + primary fqan)
  • Support for VOMS generic attributes

-- AndreaCeccanti - 28-Sep-2010

Edit | Attach | Watch | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r2 - 2010-10-12 - unknown
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EMI All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2022 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback