Changes between Version 11 and Version 12 of Workspaces


Ignore:
Timestamp:
11/11/15 17:34:22 (9 years ago)
Author:
Dieter Van Uytvanck
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • Workspaces

    v11 v12  
    3232 * https://gitorious.org/owncloud/apps/trees/master/user_saml
    3333
    34 === access by web applications ===
     34=== user delegation (access by web applications) ===
    3535
    3636Challenge is to access it from web services/applications. To do so, a SAML-to-OAuth2 bridge might be needed.
    3737
    38 === non web-based access ===
     38More information on this:
     39 * https://www.clarin.eu/content/user-delegation
     40 * [https://www.clarin.eu/event/2015/centre-meeting workshop on user delegation]
     41 * [ticket:636 testing user delegation in CLARIN-D]
     42
     43=== end-user synchronisation clients ===
    3944
    4045some possible solutions:
     46
     47  * LDAP (restricted to just 1 Identity Provider) > tested successfully for CLARIN-D !OwnCloud. Outstanding issues:
     48   * linking with web-based access (match LDAP user ID to SAML attribute like ePPN)
     49   * risk that people only use CLARIN IdP as it offers more functionality than their own Identity Provider
     50  * SAML integration (client application showing a browser window where a web-based login can take place). [https://www.surf.nl/en/services-and-products/surfdrive/surfdrive.html SURF] uses this system (for 11.000 users at 65 institutes) but is not really happy about the daily functioning. Some early experiments by Dieter seem to confirm this: users often have to login again.
     51
     52(theoretic solutions that have not been tested and are probably not worth pursuing:)
    4153
    4254 * Radius (like for eduroam), see e.g. plugin for [http://wiki.gwdg.de/index.php/GWDG_Cloud_Share/EN#Prerequisites_and_limitations powerfolder as used at GWDG] and plugin for [https://github.com/AlessandroLorenzi/owncloud-radius OwnCloud]. Outstanding issues:
    4355   * will it work (as well as eduroam)?
    4456   * is it allowed to use eduroam credentials for this?
    45  * [https://community.ja.net/groups/moonshot Moonshot] (based on radius but with own client software). Experimental; status needs to be checked with the Moonshot team (which is very communicative: Rhys Smith and John Chapman).
    46  * LDAP (restricted to just 1 Identity Provider) > tested successfully for CLARIN-D !OwnCloud. Outstanding issues:
    47    * linking with web-based access (match LDAP user ID to SAML attribute like ePPN)
    48    * risk that people only use CLARIN IdP as it offers more functionality than their own Identity Provider
     57 * [https://community.ja.net/groups/moonshot Moonshot] (based on radius but with own client software)
    4958
    5059== History and background ==