State of the Raven
•Transferir como KEY, PDF•
0 gostou•747 visualizações
The state of the Raven central web authentication service at the University of Cambridge in May 2009. Presented to the University Techlinks community.
Recomendados
Mais conteúdo relacionado
Último
Último (20)
Destaque
Destaque (20)
State of the Raven
- 1. The State of the Raven Jon Warbrick University of Cambridge Computing Service jw35@cam.ac.uk
- 2. The State of the Raven Corvus corax Raven photo used under the terms of the GNU Free Documentation License. Author Pcb21.
- 3. The State of the Raven Raven Web Authentication
- 4. The State of the Raven 2002 A little history December 2002: the CS’s Oct Nov Dec SMT approve a proposal for a “Central, password-based web authentication service”
- 5. The State of the Raven 2003 August 2003: “A central web authentication system” Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec First talk to Webmasters
- 6. The State of the Raven 2004 January 2004: September 2004: Initial implementation Raven service reported to be launched Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec “Raven Web “The Raven Web “info.raven. Authentication” Authentication current.status” talk to Webmasters Service” talk to talk to Techlinks Webmasters
- 7. The State of the Raven 2005 October 2005: CamSIS exam entries, and CamCORS adopt Raven authentication Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
- 8. The State of the Raven 2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
- 9. The State of the Raven 2007 October 2007: January 2007: Shibboleth IdP Plans for a Shibboleth service launched; no service announced new Athens Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec “Introducing Shibboleth” talk to Techlinks
- 10. The State of the Raven 2008 July 2008: October 2008: UK central funding for Raven defaults to Athens service stops authenticating without asking Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
- 11. The State of the Raven 2009 March 2009: Support for Shib SPs in the Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec YOU ARE HERE!! The future
- 12. The State of the Raven 30,000 20,000 10,000 0 Jan 05 Jan 06 Jan 07 Jan 08 Jan 09 Distinct Raven users per month
- 13. The State of the Raven 600 450 300 150 0 Jan 05 Jan 06 Jan 07 Jan 08 Jan 09 Distinct web servers per month
- 14. The State of the Raven 8,000.000 5,333.333 2,666.667 0 Jan 08 Jan 09 Distinct Shib users per month
- 15. The State of the Raven 60 40 20 0 Jan 08 Jan 09 Distinct Shib SPs per month
- 16. The State of the Raven So, Shibboleth, remind me... “The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.” http://shibboleth.internet2.edu/ (emphasis mine)
- 17. The State of the Raven So, Shibboleth, remind me... Standards based, open source software package For web single sign-on Across or within organizational boundaries Informed authorization decisions Individual access Protected online resources Privacy-preserving
- 18. The State of the Raven So, Shibboleth, remind me... Components Identity Providers (IdPs) Service Providers (SPs) Discovery Services (DSs)
- 19. The State of the Raven Some use cases The University Inside Outside
- 20. The State of the Raven E-journals
- 21. The State of the Raven E-journals
- 22. The State of the Raven E-journals
- 23. The State of the Raven Windows IIS 7
- 24. The State of the Raven Windows IIS 7
- 25. The State of the Raven Authorization decisions
- 26. The State of the Raven Authorization decisions lookup
- 27. The State of the Raven Authorization decisions lookup X
- 28. The State of the Raven Authorization decisions lookup X
- 29. The State of the Raven “Other people”
- 30. The State of the Raven “Other people”
- 31. The State of the Raven “Other people”
- 32. The State of the Raven “Other people”
- 33. The State of the Raven Your own IdP X
- 34. The State of the Raven Your own IdP X
- 35. The State of the Raven Existing software
- 36. The State of the Raven Existing software
- 37. The State of the Raven Existing software EZproxy
- 38. The State of the Raven So, how do I do it? Install the software Installer to Windows (for IIS or Apache) Ports-based install for MacOS Binary RPMs for SLES10 and CentOS (a.k.a. RHEL) Source RPMs and source files
- 39. The State of the Raven So, how do I do it? (2) Customize config files (shibboleth2.xml) Start Shib daemon, (re-)start Apache Test Gives you a simple SP protecting /secure/ by requiring a Raven login
- 40. The State of the Raven Now what? Register your SP? Configure access control Configure virtual hosts Setup SSL?
- 41. The State of the Raven What’s the catch? XML-based config files (even under Windows!) All that software SSL and certificates and stuff Need to actually understand virtual hosting An extra daemon/process Generally more complicated :-((
- 42. The State of the Raven So how do I cope? https://wiki.csx.cam.ac.uk/raven/ Shibboleth_documentation_and_HOWTOs raven-support@ucs.cam.ac.uk cs-raven-discuss@lists.cam.ac.uk shibboleth-users@internet2.edu
- 43. The State of the Raven So how do I cope?
- 44. The State of the Raven The future “Prediction is very hard, especially about the future.” Niels Bohr
- 45. The State of the Raven The future Shibboleth 2.0 More attributes Other protocols: OpenID, WS-*, Oauth Non-web The “Identity Management Working Group”
- 46. The State of the Raven Thank you for listening There may be questions... ...including perhaps ‘Why “Shibboleth?”’
Notas do Editor
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n
- \n