Changes between Version 11 and Version 12 of Workspaces
- Timestamp:
- 11/11/15 17:34:22 (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Workspaces
v11 v12 32 32 * https://gitorious.org/owncloud/apps/trees/master/user_saml 33 33 34 === access by web applications===34 === user delegation (access by web applications) === 35 35 36 36 Challenge is to access it from web services/applications. To do so, a SAML-to-OAuth2 bridge might be needed. 37 37 38 === non web-based access === 38 More information on this: 39 * https://www.clarin.eu/content/user-delegation 40 * [https://www.clarin.eu/event/2015/centre-meeting workshop on user delegation] 41 * [ticket:636 testing user delegation in CLARIN-D] 42 43 === end-user synchronisation clients === 39 44 40 45 some possible solutions: 46 47 * LDAP (restricted to just 1 Identity Provider) > tested successfully for CLARIN-D !OwnCloud. Outstanding issues: 48 * linking with web-based access (match LDAP user ID to SAML attribute like ePPN) 49 * risk that people only use CLARIN IdP as it offers more functionality than their own Identity Provider 50 * SAML integration (client application showing a browser window where a web-based login can take place). [https://www.surf.nl/en/services-and-products/surfdrive/surfdrive.html SURF] uses this system (for 11.000 users at 65 institutes) but is not really happy about the daily functioning. Some early experiments by Dieter seem to confirm this: users often have to login again. 51 52 (theoretic solutions that have not been tested and are probably not worth pursuing:) 41 53 42 54 * Radius (like for eduroam), see e.g. plugin for [http://wiki.gwdg.de/index.php/GWDG_Cloud_Share/EN#Prerequisites_and_limitations powerfolder as used at GWDG] and plugin for [https://github.com/AlessandroLorenzi/owncloud-radius OwnCloud]. Outstanding issues: 43 55 * will it work (as well as eduroam)? 44 56 * is it allowed to use eduroam credentials for this? 45 * [https://community.ja.net/groups/moonshot Moonshot] (based on radius but with own client software). Experimental; status needs to be checked with the Moonshot team (which is very communicative: Rhys Smith and John Chapman). 46 * LDAP (restricted to just 1 Identity Provider) > tested successfully for CLARIN-D !OwnCloud. Outstanding issues: 47 * linking with web-based access (match LDAP user ID to SAML attribute like ePPN) 48 * risk that people only use CLARIN IdP as it offers more functionality than their own Identity Provider 57 * [https://community.ja.net/groups/moonshot Moonshot] (based on radius but with own client software) 49 58 50 59 == History and background ==