6–8 May 2019
WCW Congress Centre
Europe/Amsterdam timezone

Integration of OPENCoastS in EGI Check-in

6 May 2019, 15:30
15m
VK1,2 SURFsara (WCW Congress Centre)

VK1,2 SURFsara

WCW Congress Centre

Science Park 123 1098 XG Amsterdam

Speaker

Mario David (LIP Lisbon)

Description

OPENCoastS is a thematic service in the scope of EOSC-hub project. This service builds on-demand circulation forecast systems for user-selected sections of the coast and maintains them running operationally for the time frame defined by the user. In this presentation we describe the process and experience of integrating OPENCoastS with the EGI Checkin service. The user registration and authentication on the OPENCoastS service can be done in two ways: through the EGI Checkin Federated Identity, based on OpenID protocol, or by direct registration. In either case a new user is registered in the OPENCoastS backend database. The OPENCoastS frontend is a Python/Django application, thus the django-auth-oidc package was used to support OpenID Connect authentication. The process to enable OPENCoastS as service provider in the EGI Check-in followed the description in [1]. The first step was to register the service [2] in the test instance of EGI Check-in. Afterwards, the federated IdP test instance can be enabled in the OPENCoastS service for tests. At this point, users that are authenticated through the EGI Check-in are able to test the registration and request access to the service. During this phase it was necessary to define a set of policies (profiles, roles and priorities) and implement them at the level of OPENCoastS database backend. Upon successful testing, the second phase was to request EGI AAI to move the service from the testing environment to production: https://aai.egi.eu/oidc/. In this step, the registered ClientID and Secret of the SP was preserved. Similarly to OPENCoastS, the endpoint URL of the federated identity service, was changed to the production one. In summary, OPENCoastS was successfully integrated in the EGI Check-in service, in a transparent way. Overall the process was not overly complex either from the operational as well as from the programatically point of view. Choosing OpenID as the authentication protocol did simplify the process when compared with the SAML protocol. [1] AAI guide for SPs: https://wiki.egi.eu/wiki/AAI_guide_for_SPs [2] OPENCoastS service: https://opencoasts.ncg.ingrid.pt
Type of abstract Presentation

Primary author

Mario David (LIP Lisbon)

Co-authors

Alberto Azevedo (LNEC - Laboratório Nacional de Engenharia Civil) Anabela Oliveira (National Laboratory for Civil Engineers) Joana Teixeira (LNEC - Laboratório Nacional de Engenharia Civil) Joao Pina (LIP) Joao Rogeiro (LNEC - Laboratório Nacional de Engenharia Civil) Jorge Gomes (LIP) Samuel Bernardo (LIP)

Presentation materials