Piloted solutions

Piloted solutions

[vc_row][vc_column][vc_column_text]

The AARC team has piloted existing AAI solutions to assess whether they meet the functional and technical integration requirements of research communities and e-infrastructures. Where possible, the components were improved with additional features as needed.

Our goal is to improve the usability and the visibility of useful AAI solutions and components. To do this, they are described according to a standard template that includes the aim of the pilot, the software sources used, a functional flow and where possible a live demo. (All links lead to the AARC wiki.)[/vc_column_text][vc_separator color=”orange”][vc_column_text]

Solutions to expand the reach of federated access

[/vc_column_text][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

Libraries Consortium Proxies

The SP-IdP proxy architecture can be used by a library consortium to reduce the number of interactions between identity providers and service providers from both a technical and trust point of view, while preserving the privacy of users.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fx%2F6oCuAw||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

Linking persistent IDs

Leveraging COmanage allows researchers to link their ORCID identity to institutional accounts, and to write ORCID to LDAP for use in collaboration services.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fx%2FWAH5Aw||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

Libraries EZproxy access mode switch pilot

EZproxy can act as a switch from IP based proxy to access non-federated resources to SAML SSO redirect proxy, to entitle users to federated online resources if they own SAML2-IDP provided credentials.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FLibraries%2BEZproxy%2Baccess%2Bmode%2Bswitch%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

Libraries walk-in-user pilot

Provide access to library resources for users without federated identities via a kiosk.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FLibraries%2Bwalk-in-user%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

External identity provider pilot

Support researchers who are not affiliated with traditional home organisations, as well as those whose identity providers are not part of any of the eduGAIN federations.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FExternal%2Bidentity%2Bprovider%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_separator color=”orange”][vc_column_text]

Testing technical and policy components

[/vc_column_text][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

BBMRI AAI Pilot

Manage group membership attributes or other attributes from multiple sources, which can be used in a federated environment to regulate access to BBMRI services.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FAttribute%2BManagement%2Bpilot%2BBBMRI||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

Perun VOMS CILogon Pilot

Enable certificate-based access to Elixir and EGI services with VOMS and RCAuth.eu.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FPerun%2BVOMS%2BCILogon%2Bpilot|||”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

IGTF to eduGAIN proxy

Re-use existing issued certificates in order to access services published to eduGAIN.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FUsing%2Ba%2Bcertificate%2Bto%2Baccess%2BeduGAIN%2Bservices%2Bpilot|||”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

RCAuth pilot

Enables access to X.509-based resources via federated login and without the need for users to understand the intricacies of a Public Key Infrastructure: RCAuth.eu[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FCILogon-like%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

COmanage SSH pilot

Enable a researcher to enrol a collaborative organisation and to upload an SSH public key for access to non-web resources with COmanage.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FCOmanage%2BSSH%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

WaTTS SSH-plugin

Manage credentials for services that do not natively support OpenID Connect by using the WaTTS token translation service.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FWaTTS%2BSSH%2Bplugin%2B-%2BSSH%2Baccess%2Busing%2BOIDC%2Blogin||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

WaTTS RCauth-plugin

Use OIDC to generate a session where an RCauth Certificate is stored in WaTTS.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FWaTTS%2BRCauth%2Bplugin%2B-%2BObtaining%2BIOTA%2Bproxy%2Bcertificates%2Bwith%2BOIDC||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

LDAP Facade CLI pilot

Provide access to non-web resources via SAML and PAM with LDAPfacade.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FLDAP%2BFacade%2BCLI%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_separator color=”orange”][vc_column_text]

Cross infrastructure pilots

[/vc_column_text][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

EGI – EUDAT pilot

Allow end-users to transparently access EGI and EUDAT resources with an institutional account.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FEUDAT-EGI%2Bpilot%2Bfor%2Bcross-infrastructure%2Baccess%2Bto%2Bresources||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

EUDAT – PRACE pilot

Enable automatic provisioning of accounts on EUDAT from PRACE.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FEUDAT-PRACE%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][vc_separator color=”orange”][vc_column_text]

Enabling federated access to third party services

[/vc_column_text][vc_row_inner content_placement=”middle”][vc_column_inner width=”4/12″][vc_column_text]

Seafile with SAML federation pilot

Enable federated access and IdP selection to get access to the Seafile file sync and share service.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FSeafile%2Bwith%2BSAML%2Bfederation%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][vc_column_inner width=”4/12″][vc_column_text]

Collabora & NextCloud Demos

Explore federated access to the NextCloud web-based document management service and the Collabora Online office suite.[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/12″][vc_btn title=”More info” style=”outline” color=”warning” link=”url:https%3A%2F%2Fwiki.geant.org%2Fdisplay%2FAARC%2FCollabora%2Band%2BNextCloud%2BSAML%2Bfederation%2Bpilot||target:%20_blank|”][/vc_column_inner][vc_column_inner width=”1/12″][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row]