OpenID Connect for Linux: Difference between revisions

From Lsdf
Jump to navigationJump to search
No edit summary
No edit summary
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[Studentische_Arbeiten_am_SCC|Zurück zur Themenliste]]
[[Studentische_Arbeiten_am_SCC|Zurück zur Themenliste]]

= First Meeting =
Thursday 5th Nov 2015 at 4:45 pm
building 20.20 in room 203


= Description =
= Description =
[[File:INDIGO_logo_transparent.png | right | frameless ]]
[[File:OpenID_logo.png | right | frameless ]]
[[File:OpenID_logo.png | right | frameless ]]
We are working in European scientific projects
[[File:Drawing.svg‎ | right | frameless ]]
As part of this we need to enable federated single-sign-on to our systems.
We are working in the European scientific project
INDIGO Data Cloud. One part of the project is a need to harmonize identities all over the European Federations and provide an easy to use single-sign-on system.


This is where you come into play!
This is where you come into play!
You will implement a service that will enable a user to login at a single-sign-on system
You will implement a PAM service that will enable a user to login into any linux service.
and use those credentials to do e.g. ssh, ftp or even S3.


You will be working with:
Our Idea is a RESTful service with a plugin-interface.
Plugins will be provided and implemented on a end-service base.

So during your PSE you will be working with:
* [http://openid.net/connect/ OpenID Connect]
* [http://openid.net/connect/ OpenID Connect]
* [http://oauth.net/2/ OAuth 2.0]
* [http://jwt.io/ Json Web Tokens (JWT)]
* [http://jwt.io/ Json Web Tokens (JWT)]
* Security Considerations
* [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol (LDAP)]
* Concurrency
* Security Considerations (optional)
* concurrency (optional)


And you will implement:
* a RESTful webservice
** multiple clients
** multiple concurrent requests
** a management GUI (e.g. a website)
* local and remote execution of code
* multiple different services that need authorization/authentication

= Goals =
* Meet the PSE Goals
** Requirement specification (Pflichtenheft)
** System Design (Systementwurf)
** Implementation (Implementierung)
** Validation (Validierung (Qualitätskontrolle/Softwaretest)
** Final Report (Projektabnahme und Abschlussveranstaltung)
* Get better knowledge about authentication and authorization
* Learn about client/server communications
* Get better at understanding of systems, designing and implementing them
* Learn about the Linux Operating System
* Have fun


=Requirements=
=Requirements=
Line 57: Line 23:
= What we provide =
= What we provide =
* an international group of smart and fun people
* an international group of smart and fun people
* several virtual machines as playground (yes, Linux and root ;) )
* several virtual machines as playground
* a PSE project that will be used for real later on
* a PSE project that will be used for real later on


= Contact =
= Contact =
[mailto:bas.wegh@kit.edu Bas.Wegh∂kit.edu]
[mailto:hardt@kit.edu Uros.Stevanovic∂kit.edu]

[mailto:benjamin.ertl@kit.edu Benjamin.Ertl∂kit.edu]

[mailto:uros.stevanovic@kit.edu Uros.Stevanovic∂kit.edu]

= Further Informations =
[http://pp.info.uni-karlsruhe.de/lehre/WS201516/pse/ Informations regarding PSE WS2015/16 (German) ]

Latest revision as of 15:33, 20 March 2018

Zurück zur Themenliste

Description

OpenID logo.png

We are working in European scientific projects As part of this we need to enable federated single-sign-on to our systems.

This is where you come into play! You will implement a PAM service that will enable a user to login into any linux service.

You will be working with:

Requirements

  • English (all documentations/presentations will be in English)
  • Linux (basic knowledge, you should have seen the command line)
  • Python (basic knowledge)
  • eager to learn new things

What we provide

  • an international group of smart and fun people
  • several virtual machines as playground
  • a PSE project that will be used for real later on

Contact

Uros.Stevanovic∂kit.edu