OpenID Connect for Linux: Difference between revisions
From Lsdf
Jump to navigationJump to search
Line 21: | Line 21: | ||
And you will implement: |
And you will implement: |
||
* a RESTful webservice |
* a RESTful webservice |
||
* remote execution of code, e.g. using a ssh-connection |
* remote execution of code, e.g. using a ssh-connection (could be by using [http://www.ansible.com/ Anisble]) |
||
* multiple different plugins for the services that need authorization/authentication |
* multiple different plugins for the services that need authorization/authentication |
||
Revision as of 15:18, 13 October 2015
Description
We are working at the European scientific project called INDIGO Data Cloud. As part of that there is a need to harmonize identities all over the European Federations and provide an easy to use single sing on system.
This is where you come into play! You will implement a service that will enable a user to login at a single-sign-on system and use those credentials to do e.g. ssh, ftp or even S3.
Our Idea is a RESTful service with a plugin-interface. Plugins will be provided and implemented on a end-service base.
So during your PSE you will be working with:
- OpenID Connect
- OAuth 2.0
- Json Web Tokens (JWT)
- Lightweight Directory Access Protocol (LDAP)
- Security Considerations
And you will implement:
- a RESTful webservice
- remote execution of code, e.g. using a ssh-connection (could be by using Anisble)
- multiple different plugins for the services that need authorization/authentication
Goals
- Requirement specification (Pflichtenheft)
- System Design (Systementwurf)
- Implementation (Implementierung)
- Validation (Validierung (Qualitätskontrolle/Softwaretest))
- Projektabnahme und Abschlussveranstaltung
Requirements
- English
- Linux
- Python, even better: Erlang
What we provide
- a group of smart and fun people
- several virtual machines as playground (yes, Linux and root ;) )
- a PSE project that will be used for real later on