| Version 10 (modified by , 9 years ago) (diff) |
|---|
(note: this page is being rewritten - it is not fully up to date)
Workspaces: concept
Basically it is a private/group-shared cloud storage for researchers. Requirements:
- easy to use, should ideally integrate closely with the operating system
- CLARIN server-side applications should be able to access it (for reading and writing, if the owner allows)
- if/when offered as a production service:
- should come with a clear statement about availability
- should come with clear legal terms of reference (to prevent abuse/illegal actions/liability for the hoster)
OwnCloud
OwnCloud seems to be a good package, has been tested in CLARIN-D.
A few hints on how to access publicly shared links can be found here.
Available installations
- EUDAT is providing the beta B2DROP service, which is based on OwnCloud? and hosted at the [FZJ computing centre].
- CLARIN-D has an own test instance of OwnCloud hosted at FZJ. Probably B2DROP can replace this test instance, since it is the same software running at the same computing centre. Also, the organisational backing of EUDAT is important.
- Several national research networks have setup an ownCloud installation
Authentication
web-based access
This is the easy case: use SAML. There are (tested) plugins for OwnCloud?:
- http://www.yaco.es/blog/en/uniquid/2012/06/implementado-plugin-saml-para-owncloud/
- https://gitorious.org/owncloud/apps/trees/master/user_saml
access by web applications
Challenge is to access it from web services/applications. To do so, a SAML-to-OAuth2 bridge might be needed.
non web-based access
some possible solutions:
- Radius (like for eduroam), see e.g. plugin for powerfolder as used at GWDG and plugin for OwnCloud. Outstanding issues:
- will it work (as well as eduroam)?
- is it allowed to use eduroam credentials for this?
- Moonshot (based on radius but with own client software). Experimental; status needs to be checked with the Moonshot team (which is very communicative: Rhys Smith and John Chapman).
- LDAP (restricted to just 1 Identity Provider) > tested successfully for CLARIN-D OwnCloud. Outstanding issues:
- linking with web-based access (match LDAP user ID to SAML attribute like ePPN)
- risk that people only use CLARIN IdP as it offers more functionality than their own Identity Provider
History and background
- There are some other Cloud storage solutions around, e.g.:
- Power Folder - at the time of evaluation closed source and rather bad test experiences
- Sea File - fairly new, open source since mid 2012, positive stories but not as popular as ownCloud
