OpenID Connect for Linux: Difference between revisions

From Lsdf
Jump to navigationJump to search
No edit summary
 
(20 intermediate revisions by 3 users not shown)
Line 3: Line 3:
= Description =
= Description =
[[File:OpenID_logo.png | right | frameless ]]
[[File:OpenID_logo.png | right | frameless ]]
We are working at the European scientific project called
We are working in European scientific projects
As part of this we need to enable federated single-sign-on to our systems.
INDIGO Data Cloud. As part of that there is a need to harmonize identities all over the European Federations and provide an easy to use single sing on system.


This is where you come into play!
This is where you come into play!
You will implement a service that will enable a user to login at a single-sign-on system
You will implement a PAM service that will enable a user to login into any linux service.
and use those credentials to do e.g. ssh, ftp or even S3.


You will be working with:
Our Idea is a RESTful service with a plugin-interface.
Plugins will be provided and implemented on a end-service base.

So during your PSE you will be working with:
* [http://openid.net/connect/ OpenID Connect]
* [http://openid.net/connect/ OpenID Connect]
* [http://oauth.net/2/ OAuth 2.0]
* [http://jwt.io/ Json Web Tokens (JWT)]
* [http://jwt.io/ Json Web Tokens (JWT)]
* [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol (LDAP)]
* Security Considerations
* Security Considerations
* Concurrency

And you will implement:
* a RESTful webservice
* remote execution of code, e.g. using a ssh-connection (could be by using [http://www.ansible.com/ Anisble])
* multiple different plugins for the services that need authorization/authentication

= Goals =
* Meet the PSE Goals
** Requirement specification (Pflichtenheft)
** System Design (Systementwurf)
** Implementation (Implementierung)
** Validation (Validierung (Qualitätskontrolle/Softwaretest))
** Projektabnahme und Abschlussveranstaltung
* Get better knowledge about authentication and authorization
* Learn about client/server communication
* Get better at coding / maybe learn a new language
* Learn about the Linux Operating System
* Have fun


=Requirements=
=Requirements=
* English (at least basic)
* English (all documentations/presentations will be in English)
* Linux (basic knowledge, you should have seen the command line)
* Linux (basic knowledge, you should have seen the command line)
* Python (basic knowledge)
* Python (basic knowledge)
* Erlang (optional)
* eager to learn new things
* eager to learn new things


= What we provide =
= What we provide =
* a group of smart and fun people
* an international group of smart and fun people
* several virtual machines as playground (yes, Linux and root ;) )
* several virtual machines as playground
* a PSE project that will be used for real later on
* a PSE project that will be used for real later on


= Contact =
= Contact =
[mailto:bas.wegh@kit.edu Bas.Wegh∂kit.edu]
[mailto:hardt@kit.edu Uros.Stevanovic∂kit.edu]

[mailto:benjamin.ertl@kit.edu Benjamin.Ertl∂kit.edu]

[mailto:uros.stevanovic@kit.edu Uros.Stevanovic∂kit.edu]

= Further Informations =
[http://pp.info.uni-karlsruhe.de/lehre/WS201516/pse/ Informations regarding PSE WS2015/16 (German) ]

Latest revision as of 15:33, 20 March 2018

Zurück zur Themenliste

Description

OpenID logo.png

We are working in European scientific projects As part of this we need to enable federated single-sign-on to our systems.

This is where you come into play! You will implement a PAM service that will enable a user to login into any linux service.

You will be working with:

Requirements

  • English (all documentations/presentations will be in English)
  • Linux (basic knowledge, you should have seen the command line)
  • Python (basic knowledge)
  • eager to learn new things

What we provide

  • an international group of smart and fun people
  • several virtual machines as playground
  • a PSE project that will be used for real later on

Contact

Uros.Stevanovic∂kit.edu