...
The online CA is a service provider which has entered eduGAIN, and has as CA been accredited by IGTF (as a so-called IOTA CA). In order to protect the service, a filtering WAYF has been implemented which only accepts Identity Providers that publish the R&S set of attributes and are conforming to the Sirtfi. The combined service is running on a production level. The Master Portals run by EGI and ELIXIR are running as pilot services.
A sustainability study for the model has been produced by AARC-NA3.
Demonstration
We have created two demonstrator Master Portal clients, which talk to a semi-production Master Portal (running for EGI), serviced by the production RCauth.eu online CA. We also have setup a test VOMS service with test VO, to test and showcase the integration with a VOMS attribute authority. The two demonstrators are:
...
The adaptations of the code for this pilot can be found on the RCauth.eu github repository.
Additionally Additionally:
- ansible scripts for setting up a Delegation Server (online CA) or a Master Portal
- SimpleSAMLPHP has been used to build a filtering WAYF.
- A VOMS server to run a test VO.
- some simple PHP clients to test the flow and make a demonstrator.