Back to Volume
Paper: The Authentication and Authorization INAF Experience
Volume: 522, Astronomical Data Analysis Software and Systems XXVII
Page: 727
Authors: Tinarelli, F.; Zorba, S.; Knapic, C.; Jerse, G.
Abstract: A new prototype capable to handle multiple accounts for web application usage was developed in collaboration between Radio Astronomical Institute (IRA) and Italian Astronomical Archives (IA2). Both working groups shared skills and experiences in the field of Authentication and Authorization to allow users and client applications to access remote resources, data and services. The prototype is composed by an Authentication module (Remote Authentication Portal - RAP), an Authorization module (Grouper) and a connector for the communication between the previous two. The aim was to implement a multi protocol authentication mechanism (SAML 2.0, OAuth2, X.509), Self Registration, to permit the account linking (join of digital identities) and to manage groups of users. This paper describes the current harmonization activities between existing systems (Shibboleth, LDAP, Grouper, MySQL etc..) and INAF derived or bespoke software (RAP and connector). This activity will be applied also in the SKA scope to validate requirements and provide an effective test bed.
Back to Volume