Difference between revisions of "Federated AAI Requirements"

From EGIWiki
Jump to: navigation, search
(Created page with "This page tracks resource providers' requirements regarding AAI. RPs may have different requirements for authenticating users. We'll try to track the pieces of information that a...")
 
 
(9 intermediate revisions by 7 users not shown)
Line 1: Line 1:
This page tracks resource providers' requirements regarding AAI. RPs may have different requirements for authenticating users. We'll try to track the pieces of information that are required at each site to guide decisions about which solutions and configurations are required for the federation.  
+
This page tracks resource providers' requirements regarding AAI. RPs may have different requirements for authenticating users. We'll try to track the pieces of information that are required at each site to guide decisions about which solutions and configurations are required for the federation. Optional attributes are marked in parentheses. Please consider if these attributes are required to be known directly at each request for new resources or only through a registering authorisation body, i.e. as a resource provider you are able to get this information through a fully documented procedure not necessarily for each submitted instance request.<br>
  
{| border="1" width="200" cellspacing="1" cellpadding="1"
+
{| width="200" border="1" cellspacing="1" cellpadding="1"
 
|-
 
|-
 
! scope="col" | RP<br>  
 
! scope="col" | RP<br>  
! scope="col" | Full Name<br>  
+
! scope="col" | Full Name (displayName)<br>  
! scope="col" | Email<br>  
+
! scope="col" | Email (mail)<br>  
! scope="col" | Nationality<br>  
+
! scope="col" | Nationality (?)<br>  
! scope="col" | ePPN
+
! scope="col" | ePPN  
! scope="col" | Organization
+
! scope="col" | Organization (schacHomeOrganization <br>)
! scope="col" | Other (Please add column before this one)<br>
+
! scope="col" | Other (Please add column before this one)<br>  
 +
! scope="col" | Attributes may be derived
 
|-
 
|-
 
|  
 
|  
Line 19: Line 20:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| CESGA<br>  
 
| CESGA<br>  
 +
| align="center" | x
 +
| align="center" | x
 +
| align="center" | x
 +
| align="center" |
 +
| align="center" | x
 
| align="center" | <br>  
 
| align="center" | <br>  
| align="center" | <br>
+
| align="center" | &nbsp;?
| align="center" | <br>
 
| align="center" |
 
| align="center" |
 
| align="center" | <br>
 
 
|-
 
|-
 
| CESNET<br>  
 
| CESNET<br>  
Line 33: Line 36:
 
| align="center" | x<br>  
 
| align="center" | x<br>  
 
| align="center" | <br>  
 
| align="center" | <br>  
| align="center" | x
+
| align="center" | x  
| align="center" | (x)
+
| align="center" | (x)  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| CETA-CIEMAT<br>  
 
| CETA-CIEMAT<br>  
Line 43: Line 47:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| Cyfronet<br>  
 
| Cyfronet<br>  
Line 51: Line 56:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| FZ Jülich<br>  
 
| FZ Jülich<br>  
Line 59: Line 65:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| GRIF<br>  
 
| GRIF<br>  
Line 67: Line 74:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| GRNET<br>  
 
| GRNET<br>  
Line 75: Line 83:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| GWDG<br>  
 
| GWDG<br>  
Line 83: Line 92:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
| IFCA<br>  
+
| CSIC (IFCA-LCG2)<br>  
 
| align="center" | <br>  
 
| align="center" | <br>  
 
| align="center" | <br>  
 
| align="center" | <br>  
Line 91: Line 101:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
| IGI
+
| IGI  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
Line 100: Line 111:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| IPHC<br>  
 
| IPHC<br>  
Line 107: Line 119:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| CC-IN2P3<br>  
 
| CC-IN2P3<br>  
Line 115: Line 128:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| Oxford<br>  
 
| Oxford<br>  
Line 123: Line 137:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| SARA<br>  
 
| SARA<br>  
Line 131: Line 146:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| STFC<br>  
 
| STFC<br>  
Line 139: Line 155:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| TCD<br>  
 
| TCD<br>  
Line 147: Line 164:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| KTH<br>  
 
| KTH<br>  
 +
| align="center" | x<br>
 +
| align="center" | x<br>
 +
| align="center" | x<br>
 +
| align="center" | x
 +
| align="center" | (x)
 
| align="center" | <br>  
 
| align="center" | <br>  
| align="center" | <br>
+
| align="center" | &nbsp;?
| align="center" | <br>
 
| align="center" |
 
| align="center" |
 
| align="center" | <br>
 
 
|-
 
|-
 
| SZTAKI<br>  
 
| SZTAKI<br>  
Line 163: Line 182:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| INFN-Napoli<br>  
 
| INFN-Napoli<br>  
Line 171: Line 191:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
| IISAS<br>  
+
| INFN-IGI-CNAF<br>
 +
| align="center" | x<br>
 +
| align="center" | x<br>  
 
| align="center" | <br>  
 
| align="center" | <br>  
 +
| align="center" | x<br>
 +
| align="center" | x<br>
 
| align="center" | <br>  
 
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 +
|-
 +
| IISAS<br>
 +
| align="center" | X<br>
 +
| align="center" | X<br>
 
| align="center" | <br>  
 
| align="center" | <br>  
 
| align="center" |  
 
| align="center" |  
| align="center" |  
+
| align="center" | X<br>
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| PLOCAN<br>  
 
| PLOCAN<br>  
Line 187: Line 218:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|-
 
|-
 
| 100 Percent IT Ltd<br>  
 
| 100 Percent IT Ltd<br>  
Line 195: Line 227:
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
 
| align="center" |  
| align="center" | <br>
+
| align="center" | <br>  
 +
| align="center" | &nbsp;?
 
|}
 
|}
  
<br>
+
In the above table, we have mapped the required pieces of information to attributes from the eduGAIN&nbsp;attribute profile<ref>http://www.geant.net/service/eduGAIN/resources/Documents/GN3-11-012%20eduGAIN_attribute_profile.docx</ref> where applicable. Further attributes from this profile are:
 +
 
 +
*common name (cn)
 +
*eduPersonAffiliation
 +
*eduPersonScopedAffiliation
 +
*SAML2 Persostent NameID (eduPersonTargetedID)
 +
*shacHomeOrganizationType
 +
 
 +
Furthermore, there are persistent identifiers available with SAML2 Persistent Name ID, known as eduPersonTargetedID. The eduPersonTargetedID can preserve privacy, whereas ePPN&nbsp;may not do so.
 +
 
 +
== References ==
 +
 
 +
<references />

Latest revision as of 16:13, 22 November 2013

This page tracks resource providers' requirements regarding AAI. RPs may have different requirements for authenticating users. We'll try to track the pieces of information that are required at each site to guide decisions about which solutions and configurations are required for the federation. Optional attributes are marked in parentheses. Please consider if these attributes are required to be known directly at each request for new resources or only through a registering authorisation body, i.e. as a resource provider you are able to get this information through a fully documented procedure not necessarily for each submitted instance request.

RP
Full Name (displayName)
Email (mail)
Nationality (?)
ePPN Organization (schacHomeOrganization
)
Other (Please add column before this one)
Attributes may be derived

BSC





 ?
CESGA
x x x x
 ?
CESNET
x
x

x (x)
 ?
CETA-CIEMAT




 ?
Cyfronet




 ?
FZ Jülich
x
x
x

 ?
GRIF




 ?
GRNET




 ?
GWDG




 ?
CSIC (IFCA-LCG2)




 ?
IGI  ?
IPHC




 ?
CC-IN2P3




 ?
Oxford




 ?
SARA




 ?
STFC




 ?
TCD




 ?
KTH
x
x
x
x (x)
 ?
SZTAKI




 ?
INFN-Napoli




 ?
INFN-IGI-CNAF
x
x

x
x

 ?
IISAS
X
X

X

 ?
PLOCAN




 ?
100 Percent IT Ltd




 ?

In the above table, we have mapped the required pieces of information to attributes from the eduGAIN attribute profile[1] where applicable. Further attributes from this profile are:

  • common name (cn)
  • eduPersonAffiliation
  • eduPersonScopedAffiliation
  • SAML2 Persostent NameID (eduPersonTargetedID)
  • shacHomeOrganizationType

Furthermore, there are persistent identifiers available with SAML2 Persistent Name ID, known as eduPersonTargetedID. The eduPersonTargetedID can preserve privacy, whereas ePPN may not do so.

References