Project

General

Profile

EDITFederation » History » Version 9

Lutz Suhrbier, 08/13/2010 04:44 PM

1 1 Lutz Suhrbier
2 2 Lutz Suhrbier
# EDIT Federation
3
4 7 Lutz Suhrbier
The EDIT Federation represents an implementation of the federation concept defined within the [Security Assertion Markup Language (SAML)](http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security) standards family. In the first instance, the EDIT federation is open to any members or affiliates of the EDIT project. Nevertheless, some day the EDIT federation envisions to merge into a larger (!BioDiv) federation community reflecting at minimum the most important biodiversity research institutions.
5 2 Lutz Suhrbier
6
7 7 Lutz Suhrbier
Currently, there are three membership types offered by the EDIT federation.
8 2 Lutz Suhrbier
9 7 Lutz Suhrbier
* registered EDIT user
10 2 Lutz Suhrbier
11 7 Lutz Suhrbier
* registered EDIT Service Provider (SP)
12 2 Lutz Suhrbier
13 7 Lutz Suhrbier
* EDIT Identity Provider(IdP)
14 1 Lutz Suhrbier
15 4 Lutz Suhrbier
16 7 Lutz Suhrbier
First, registered EDIT users benefit from the enhancements of EDIT's [[CSSO|Community Single Sign-on (CSSO)]] and are enabled to use any services offered by EDIT CSSO Service Providers passing through a single login procedure only. 
17 1 Lutz Suhrbier
18 6 Lutz Suhrbier
19 7 Lutz Suhrbier
Second, becoming an EDIT Service Provider (SP) mainly addresses EDIT web application or service providers who want to offer their regular users the convenience of single sign-on or those who do not want to deal with large EDIT user lists and rely on the confidentiality of the EDIT federation's user registration process. Even though, user authentication is done by EDIT's Identity Provider (IdP), EDIT Service Providers keep complete control of what users are allowed to access their services. 
20 6 Lutz Suhrbier
21 7 Lutz Suhrbier
This is due to the [[EDITFederationShibbolethAttributes|EDIT Federation attributes]] transmitted by EDIT's IdP along with any authentication request. That way, access control may be based on these [[EDITFederationShibbolethAttributes|EDIT Federation attributes]] stating e.g. the user id, group membership or roles of any authenticated EDIT user. 
22 1 Lutz Suhrbier
23
24 7 Lutz Suhrbier
Third, EDIT Identity Provider will be assigned the job to maintain a user database and to authenticate EDIT Federation users in addition to already existing IdPs within the EDIT Federation. This option may come into consideration for larger institutions managing a significant amount of (potential) EDIT users. That way, user management could be decentralised and located at the users' origin. Currently, that option is not implemented. 
25 1 Lutz Suhrbier
26
27 7 Lutz Suhrbier
Though, the remaining sections will provide some guidance on how become member of the EDIT Federation to any potential EDIT users or service providers.
28 1 Lutz Suhrbier
29
30
31 7 Lutz Suhrbier
## How to become an EDIT user ?
32
33
In order to become an registered EDIT user the following information will be requested
34
35
* valid email address
36
37
* first name, last name
38
39
* desired user id (login name)
40
41
* warrantor (name, email address) or institution stating the user's EDIT and workpackage membership
42
43
 
44 9 Lutz Suhrbier
Please send these information along with an email to the EDIT Federation administrator (suhrbier(at)inf.fu-berlin.de).
45 7 Lutz Suhrbier
46
47 9 Lutz Suhrbier
After having approved these information, the EDIT Federation administrator will get back to the requestor and forward any further instructions to access the newly created account.
48 7 Lutz Suhrbier
49
50
51
## How to become an EDIT Service Provider ?