Participants
...
| Panel |
|---|
| title | Contact data | | Proposers |
|---|
|
|
| Panel |
|---|
Please provide contact details for | | participants involved in this activity
|
Email| Submitter name & email: | P.I. | Other participants... | | Dev | | | SUNET | Mentor | | Slavek Licehammer | CESNET | CESNET GEANT contact | | Pavel Poláček | CESNET | Team | | Jan Chvojka | CESNET | Team |
... | Dev | ... | | Mentor
|
| Panel |
|---|
| title | Contact data of Parties involved |
|---|
| Please provide names and contact details for additional (external) organisations involved in this Incubator project
| | Person email | Role within pilot |
|---|
RA21 | Leif et al | | CESNET discovery Team | Jan, Slavek et al | | | | |
| Name | Organisation | Role |
|---|
| GARR | T1 eduGAIN service manager | | Klaas Wierenga | GEANT Association | GEANT Chief Community Support Officer and GÉANT representative for the RA21 governance committee | | Christos Kanelopoulos | GEANT Association | GÉANT representative for the RA21 technical committee |
|
Activity Overview
| Panel |
|---|
|
| This workpackage T&I work package continues the work on IdP discovery as it was done started in eduETAMS in GN4-2 in the eduTEAMS and IdP Discovery subtask. It gathers requirements, and works with the RA21 initiative towards an implementation that can become a service in the GEANT project. At the same time it helps handing over the existing eduTEAM Discovery Service to the new (GN4-3 WP5 T1) eduGAIN service. |
| Panel |
|---|
|
Please describe the goals of pilot, including activities, participants, the community(ies) that require a solution. Describe when the pilot is done and how to measure the success of it, in a SMART way. <Enter here> |
| Panel |
|---|
| title | Backgrouond information |
|---|
|
See eduTEAMS DSX Discovery documentation pages: DSX Discovery Service Earlier discussion from Licia: "Dear all,
Last week in Milan I had a chat with Slavek about CESNET discovery
service. We agreed that we it would make more sense to look at a
discovery service in the context of eduGAIN.
Slavek and I agreed that the current pilot with CESNET service was not
really advertised so it's difficult to gather inputs on the satisfaction
of the services that used it. In agreement with Marina, we will fund
another pilot with CESNET discovery with defined goals where we will ask
for inputs and/or requests for new features. The pilot will have a
limited duration of about 6 months. The pilot, in agreement with Niels,
should go under the incubator and after the defined period we should
assess the usability and satisfaction and see which features should be
implemented. We have planned a similar pilot also for RA21.
I will ping Slavek privately to define further details.
" |
Project Details
| Panel |
|---|
|
Please describe the technical details for this pilot. <Enter here> |
| Panel |
|---|
|
What is the business case for this Incubator project? Who would be customers of this solution and what would potential business case look like?
<Enter here> |
| Panel |
|---|
| title | Data protection & Privacy |
|---|
|
How do data protection and privacy impact this Incubator project? Think about e.g. handling of personal data of users
<Enter here> |
Activity Details
| Panel |
|---|
|
The current DSX Discovery Service (was initially called eduTEAMS Discovery Service) is operated on https://dsx.edugain.org (several physically distributed servers) and a test instance on https://dsx-test.edugain.org. Its software is the CESNET SAML2 Discovery Service implementation (PHP). Even though the service is not considered yet a production service according to the GEANT PLM (because it is neither part of the eduTEAMS nor eduGAIN service currently), the service has been operated as managed service on the same production hardware by CESNET that CESNET uses for their own production Discovery Service. The three main features that distinguish this implementation from others are: - Privacy awareness: The operator of the DS does not know which organisation the user is from after the user made his choice
- Embeddable: The DS can be embedded with a JavaScript on any web page
- Filtering: The IdPs listed in the DS can be filtered according to federation, entity categories or individually by adding a proprietary filtering expression to the URL to load the DS from. The filter can be created in a specific filter user interface.
The Discovery Service documentation (for SP administrators) is on the GEANT wiki. The RA21 prototype Discovery Service (special branch based on pyFF, python) has been developed by Leif Johansson (SUNET) with and for the RA21 project. A prototype of the user interface is available on the pyFF nightly instance. It demonstrates an example user interface that was invested quite some work in together with RA21 UI experts and that was mostly created with the RA21 target services (login on publisher web sites) in mind. |
| Panel |
|---|
|
The long term goal of this pilot is to contribute to a state-of-the-art, user-friendly, SAML2-compliant default IdP Discovery Service that eduGAIN Service Providers can use (alternatively to operating their own Discovery Service or rely on a federation-specific one). This Discovery Service can be delivered as either of these: - fully operated by the RA21 interest group that GEANT is a prominent member of. This delivery model would mean that GEANT would not operate an own default Discovery Service for eduGAIN.
- using a static custom GEANT/eduGAIN-branded front-end of the RA21 discovery service
- operate an independent Discovery Service (e.g. the CESNET implementation) that interacts with the RA21 service via their API
Part of the work of this cycle will be to identify the most suitable delivery model of the above. |
| Panel |
|---|
| title | Data protection & Privacy |
|---|
|
The DSX Discovery service already has a Privacy Policy. Its implementation (by CESNET) is already very privacy aware compared to other discovery service implementations. |
| Panel |
|---|
| title | Definition of Done (DoD) |
|---|
|
This activity is successfully finished when: - A report is delivered describing the feedback from the current users of the discovery pilot
- The current discovery pilot is handed over to WP5 T1 eduGAIN so it can be moved into a production service
- A first test implementation was build using the architecture and tools as provided by the RA21 project
|
| Panel |
|---|
|
The discovery pilot will be handed over to T1 eduGAIN for the purpose of making it a production service Most likely, the RA21 work continued in this cycle will not be complete. Ideally, this cycle is followed by another cycle with similar staff member and a better understanding of the RA21 service. |
Activity Results
| Panel |
|---|
|
|
| Panel |
|---|
|
When this Incubator project is completed, do you intend to continue using the solution? If yes, can you describe how you intent to sustain it? (E.g. through own staff, by using an e-Infrastructure provider, ...) <Enter here> |
Meetings
Date | Activity | Owner | Minutes |
|---|
Feb 14, 2017 | Kickoff meeting | | tbd | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Documents
...
...
| name | eduTEAMS Discovery Service Feedback Report.pdf |
|---|
| height | 250 |
|---|
|
Additional Pages
Documents
(Attach any documents to this page to get them listed.)
