MSO and multiple communities

Kevin Benson kmb at mssl.ucl.ac.uk
Tue Jul 6 07:03:49 PDT 2004


Thought I would give out this web site that deals with the same type of
problems we are dealing with.  It seems the web site has came along way
since I last viewed it (many months ago).  And originally did not give you
any benefit dealing with web services, but most of the information we are
asking about and debating on they tend to address.  Unfortunately it
seems to use SAML.

http://www.sourceid.org

Cheers,
Kevin

p.s. And to my bit on Guy's question, not certain, but I would say "yes"
you might want harvesting, or we may have to keep asking the original
community about a particular identity.

On Tue, 6 Jul 2004, Guy Rixon wrote:

> Should communities, therefore, have a harvesting arrangement for user
> identities like the resource registry, such that every community knows about
> every user identity and knows the community where that identity originated?
>
>
> On Tue, 6 Jul 2004, Tony Linde wrote:
>
> > > I think it's vital for one user "account" to be allowed to be
> > > a member of more than one community (think unix groups model here)...
> >
> > I think that's the function of groups, not communities. A community means
> > nothing, confers no privileges. It's the same as whether you register a
> > resource at one regsitry or another, it means nothing apart from the
> > identifer you end up with.
> >
> > Cheers,
> > Tony.
> >
> > > -----Original Message-----
> > > From: owner-grid at eso.org [mailto:owner-grid at eso.org] On
> > > Behalf Of Alasdair Allan
> > > Sent: 06 July 2004 13:44
> > > To: Guy Rixon
> > > Cc: grid at ivoa.net
> > > Subject: Re: MSO and multiple communities
> > >
> > >
> > > > In light of Tony's last message, I ask the group whether we are to
> > > > proceed with the abilities to have accounts at more than one
> > > > community, to federate communities and to allow credentials
> > > for an SSO
> > > > session to be collected from more than one server. If not, then the
> > > > nature of the system is changed; some processes are simplified and
> > > > some are made impossible.
> > >
> > > I think it's vital for one user "account" to be allowed to be
> > > a member of more than one community (think unix groups model here)...
> > >
> > > Al.
> > > --
> > > Dr. A. Allan, School of Physics, University of Exeter
> > >
> >
>
> Guy Rixon 				        gtr at ast.cam.ac.uk
> Institute of Astronomy   	                Tel: +44-1223-337542
> Madingley Road, Cambridge, UK, CB3 0HA		Fax: +44-1223-337523
>



More information about the grid mailing list