MSO and multiple communities
Dave Morris
dave at ast.cam.ac.uk
Tue Jul 6 07:17:06 PDT 2004
Guy Rixon wrote:
>Should communities, therefore, have a harvesting arrangement for user
>identities like the resource registry, such that every community knows about
>every user identity and knows the community where that identity originated?
>
>
No need for a harvest, all you need to know is where to lookup the
information you want.
This is one of the reasons why AstroGrid has the Community ident as part
of the Account ident.
eg
ivo://ast.cam.ac.uk/community
is the ivo identifier for a registered Community service
ivo://ast.cam.ac.uk/community#dave
is the identifier for an Account in that Community.
If you want to check the certificates or group membership for
ivo://ast.cam.ac.uk/community#dave
ask the Community service at
ivo://ast.cam.ac.uk/community
It also solves the globally unique naming problem, 'dave' is not unique,
but add the community identifier and
'ivo://ast.cam.ac.uk/community#dave' is a globally unique identifier.
Each community service can manage the names within its space, without
having to check the whole Vo for conflicting names.
The group membership information does not need to be globally replicated.
If you are registered with the Community at Cambridge, then the
Cambridge Community service can keep a list of groups you are a member of.
If you are added to a Group at Leicester, then the Leicester Community
keeps the 'authoritative' record of this, but it can call the Cambridge
Community to update your membership list.
Dave
More information about the grid
mailing list