Enabling OpenID Authentication for VO-integrated Portals

Raymond Plante (National Center for Supercomputing Applications/UIUC), Venkat Yekkirala (NCSA), Bill Baker (NCSA)


Abstract

To support interoperating services that share proprietary data and other user-specific information, the VAO Project provides login services for browser-based portals built on the open standard, OpenID. To help portal developers take advantage of this service, we have developed a downloadable toolkit for integrating OpenID single sign-on support into any portal. This toolkit provides APIs in a few languages commonly used on the server-side as well as a command-line version for use in any language. In addition to describing how to use this toolkit, we also discuss the general VAO framework for single sign-on. While a portal may, if it wishes, support any OpenID provider, the VAO service provides a few extra features to support VO interoperability. This includes a portal's ability to retrieve (with the user's permissian) an X.509 certificate representing the authenticated user so that the portal can access other restricted services on the user's behalf. Other standard features of OpenID allow portals to request other information about the user; this feature will be used in the future for sharing information about a user's group membership to enable sharing within a group of collaborating scientists.

Paper ID: P118

Poster Instructions




Latest News

Quick links

ADASS XXI Conference Poster

Download the Official Conference Flyer:

JPG:   A4  A3

PDF (with printer marks):

8.5in x 11in  11in x 17in  A4  A3  A2