TAP/UWS authentication - short survey
matthias egger
megger at MPA-Garching.MPG.DE
Mon Aug 8 09:43:42 PDT 2011
Hi DAL/Grid List Members,
in the course of (beta-) testing our TAP service with TOPCAT we again
came across the topic of authentication and SSO.
we need to protect our web services with a user-login, while TOPCAT's
TAP interface currently does not support this.
we wonder know, what is the best practice there in the context of ivoa,
tap/uws?
so i'd like to start a short discussion/survey about whether some of you
have similar requirements and esp. which - if any - authentication
system you are currently using, and possibly whether you also use
distributed (web-) SSO protocols like SAML2 or openID.
in short:
* do you run a TAP service which requires authentication
* if yes: which authentication method/system do you use:
* (HTTP) BASIC
* FORM-Based
* X.509 Certificates
* SAML2
* OpenID
* other: ?
background is that we need to put security on top of our
web-applications (also considering frameworks like openID and
SAML2/Shibboleth) and would like to hear what is most common and
recommend in ivoa,
also whether it is worth implementing (most common web-) authentication
support in client tools e.g. TOPCAT.
any feedback is every welcome.
thanks and regards! matthias
--
--------------------------------------------------
Matthias Egger
Max Planck Institute for Astrophysics
web: www.mpa-garching.mpg.de
email: megger at mpa-garching.mpg.de
fon: +49-89-30000-2040
fax: +49-89-30000-2235
--------------------------------------------------
More information about the grid
mailing list