EGI AAI integration with ELIXIR AAI

From EGIWiki
Revision as of 11:39, 4 May 2016 by Mhaggel (talk | contribs)
Jump to: navigation, search

EGI AAI: Integration with the ELIXIR AAI

How to use it?

The EGI AAI and ELIXIR AAI systems have been integrated to enable:

  • Write access to the GOCDB service registry for ELIXIR service operators. As result of the integration, 'ELIXIR service operators' can now register and update service entries in GOCDB using their ELIXIR account for login
  • UNDER FINALISATION: Write access to the Applications Database, particularly to the ELIXIR section of this database, which as a catalogue of Virtual Appliances (VMs with or without contextualisation scripts) that are approved for the ELIXIR community. As a result of the integration 'ELIXIR infrastructure managers' can add virtual appliances into the 'ELIXIR set' using their ELIXIR account for login. (Note that the Application Database can be browsed without login and new appliances can be registered in the catalogue by any registered user, not just ELIXIR account holders.)

You can try the integrated system in the following way:

  1. Apply for an ELIXIR account at https://www.elixir-europe.org/intranet (Conditions and restrictions apply. Please check the page for further details)
  2. Join the ELIXIR Virtual Organisation (to connect your account with AppDB, GOCDB and cloud resources): https://perun.cesnet.cz/edugain/registrar/?vo=vo.elixir-europe.org.
  3. Apply for an 'ELIXIR service operator' or 'ELIXIR infrastructure manager' role in email to Steven Newhouse <steven.newhouse@ebi.ac.uk>.
  4. If you have a 'service operator' role, then go to http://gocdb.egi.eu and after login add/edit your services.
  5. UNDER FINALISATION: If you have an 'infrastructure manager' role, then go to http://appdb.egi.eu and after login add/remove VM images in the ELIXIR list: https://appdb.egi.eu/store/vo/vo.elixir-europe.org/imagelist

Architecture

Current status

ELIXIR groups enabled in EGI

GOCDB access

AppDB access

Integration with the EGI AAI has been finalized.

We are in the process of merging the authorization related attributes (VO roles & membership) acquired from the EGI AAI with the internal authorization mechanism of the AppDB system. Actually, we are in the testing phase of it, which is expected to be finalized by the end of the week (if all goes well, of course). Once testing is done, its a matter of hours to push the changes into the AppDB production instance.  

Plans