Versions Compared

Old Version 11

changes.mady.by.user Ioannis Igoumenos

Saved on

compared with

New Version Current

changes.mady.by.user Ioannis Igoumenos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The components are as follows:

ComponentDescriptionWhy did we choose it?Link
RCAuthToken Translation. Used to generate x509 certificates for access to legacy servicesEU wide, sustainable infrastructure componenthttps://rcauth.eu
VOMSAttribute Authority & Membership Management. Legacy authorisation database for WLCG, must be integrated for backwards compatibilityPre-existing. Backwards compatibilityhttps://italiangrid.github.io/voms/
CERN HR DBAttribute Authority. CERN's source of identity vetting informationPre-existing. Backwards compatibilityN/A
INDIGO-IAMOne option for the proxy and membership management componentImplements multiple components, easier maintenance. Product used by other communities.https://www.indigo-datacloud.eu/identity-and-access-management
EGI-Check-inThe second option for the proxy and membership management componentImplements multiple components, easier maintenance. Product used by other communities.https://www.egi.eu/services/check-in/


Architecture

The architecture includes every component of the AARC BPA. 

...

Videos for the AARC supported pilot for EGI-Check-in are available at https://www.dropbox.com/sh/0u9d5fzuxrjyu3k/AAClKTVLpJRC5YN2kh0JlKsGa?dl=0 link

User links x509 certificate with federated credentials

StepScreenshots
User registers with the system using a federated account

Image Modified

Image Modified

Image Modified

Image Modified


Image Modified


User associates x509 user certificate with their account

Image ModifiedImage Modified

User submits a physics job

StepScreenshot (TBC)
User follows registration flow above
User requests token from command line (Device Code Flow)

Image Modified

User submits a job in the normal way

Demo EGI Check-in

...

videos

The various functionalities provided by EGI Check-in are available through mini demo videos. videos demonstrating the below functionalities/flows:

  • Trying to add a non-WLCG experiment member into the system
  • Adding a WLCG Experiment member into the system( Create the user, obtain an RCAuth certificate, register into VOMS)
  • Group management
  • HRDB periodic syncing
  • Invite multiple people via email from an administrator's account
  • SSH key authentication for RCAuth proxy retrieval
  • Token exchange and device code  


Visit the following link to view.

...