Difference between revisions of "OpenID Connect for Linux"
From Lsdf
(→Description) |
|||
(25 intermediate revisions by 3 users not shown) | |||
Line 2: | Line 2: | ||
= Description = |
= Description = |
||
+ | [[File:OpenID_logo.png | right | frameless ]] |
||
− | We are working at the European scientific project called |
||
+ | We are working in European scientific projects |
||
− | INDIGO Data Cloud. As part of that there is a need to harmonize identities all over the European Federations and provide an easy to use single sing on system. |
||
+ | As part of this we need to enable federated single-sign-on to our systems. |
||
This is where you come into play! |
This is where you come into play! |
||
− | You will implement a service that will enable a user to login |
+ | You will implement a PAM service that will enable a user to login into any linux service. |
− | and use those credentials to do e.g. ssh, ftp or even S3. |
||
+ | You will be working with: |
||
− | Our Idea is a RESTful service with a plugin-interface. |
||
− | Plugins will be provided and implemented on a end-service base. |
||
− | |||
− | So during your PSE you will be working with: |
||
* [http://openid.net/connect/ OpenID Connect] |
* [http://openid.net/connect/ OpenID Connect] |
||
− | * [http://oauth.net/2/ OAuth 2.0] |
||
* [http://jwt.io/ Json Web Tokens (JWT)] |
* [http://jwt.io/ Json Web Tokens (JWT)] |
||
− | * [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol (LDAP)] |
||
* Security Considerations |
* Security Considerations |
||
+ | * Concurrency |
||
− | |||
− | And you will implement: |
||
− | * a RESTful webservice |
||
− | * remote execution of code, e.g. using a ssh-connection |
||
− | * multiple different plugins for the services that need authorization/authentication |
||
− | |||
− | = Goals = |
||
− | * Requirement specification (Pflichtenheft) |
||
− | * System Design (Systementwurf) |
||
− | * Implementation (Implementierung) |
||
− | * Validation (Validierung (Qualitätskontrolle/Softwaretest)) |
||
− | * Projektabnahme und Abschlussveranstaltung |
||
=Requirements= |
=Requirements= |
||
+ | * English (all documentations/presentations will be in English) |
||
− | * English |
||
+ | * Linux (basic knowledge, you should have seen the command line) |
||
− | * Linux |
||
− | * Python |
+ | * Python (basic knowledge) |
+ | * eager to learn new things |
||
= What we provide = |
= What we provide = |
||
− | * |
+ | * an international group of smart and fun people |
− | * several virtual machines as playground |
+ | * several virtual machines as playground |
* a PSE project that will be used for real later on |
* a PSE project that will be used for real later on |
||
= Contact = |
= Contact = |
||
− | [mailto: |
+ | [mailto:hardt@kit.edu Uros.Stevanovic∂kit.edu] |
− | |||
− | [mailto:benjamin.ertl@kit.edu Benjamin.Ertl∂kit.edu] |
||
− | |||
− | [mailto:uros.stevanovic@kit.edu Uros.Stevanovic∂kit.edu] |
||
− | |||
− | = Further Informations = |
||
− | [http://pp.info.uni-karlsruhe.de/lehre/WS201516/pse/ Informations regarding PSE WS2015/16 (German) ] |
Latest revision as of 15:33, 20 March 2018
Description
We are working in European scientific projects As part of this we need to enable federated single-sign-on to our systems.
This is where you come into play! You will implement a PAM service that will enable a user to login into any linux service.
You will be working with:
- OpenID Connect
- Json Web Tokens (JWT)
- Security Considerations
- Concurrency
Requirements
- English (all documentations/presentations will be in English)
- Linux (basic knowledge, you should have seen the command line)
- Python (basic knowledge)
- eager to learn new things
What we provide
- an international group of smart and fun people
- several virtual machines as playground
- a PSE project that will be used for real later on