1 / 4

GGUS user authentication

This document outlines the evolution of GGUS user authentication processes since its inception. Initially permitting registration with just a username and password, stricter measures were implemented in January 2012, requiring a certificate due to an influx of spam accounts. Users must be authenticated, and the reliance solely on SSO (Single Sign-On) accounts is deemed insufficient. The implementation of X.509 authentication for WLCG users is emphasized, alongside alternative trustworthy methods like Shibboleth, already utilized within the xGUS system for the SWISS instance.

race
Télécharger la présentation

GGUS user authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GGUS user authentication Helmut Dres (GGUS) Guenter Grein (GGUS) 05-02-2013 GGUS user authentication

  2. History • Registration with username and password possible since beginning of GGUS • Certificate required for registration since January 2012 after recognizing several spam accounts in the system • https://savannah.cern.ch/support/?func=detailitem&item_id=125360 • Access with username/password still possible GGUS user authentication

  3. Requirements • Users must be authenticated! • SSO account and membership of SSO groups is not sufficient and not comfortable • Keep X.509 authentication for WLCGusers • Other authentication processes as an alternative to X.509 GGUS user authentication

  4. Ideas • Shibboleth • Already implemented in xGUS for the SWISS instance • Any other (federated) authenticationprocessthatistrustworthy GGUS user authentication

More Related