Portal-based User Registration Service

(PURSe)

Marcus Christie, Indiana University

Rachana Anathakrishnan, ANL

2

Goals

Ease user registration and credential management

Solution to integrate various tools like MyProxy and Simple CA

Independent set of modules with relevant functionality Pluggable Customizable

Most suited for portals

3

Architecture Solicits basic user data from user

Stored in backend database, any JDBC database Sends notification to administrator Administrator interface allows for accept/reject of

user On accept:

Generates new user credential using configured CA Uploads credential to MyProxy server Sends user confirmation email

On reject: Sends user email with informaion

4

Other Features

Upload of existing credentials Certificate and Registration authorities as

separate entities Secure email notifications Notification of imminent credential

expiration

5

Benefits

Automates user registration User data available in database

User’s don’t have to manage credentials Portal has access to credential from

MyProxy server, if needed

6

Status

Users Earth Systems Grid project, ~4000 users SWEGrid National Virtual Observatory, NCSA

Development Open source project Dev.globus incubator project

7

User registration interface

Customizable

8

Sample email messages(a) Email confirmation step: message sent to user

Date: Thu, 1 Jul 2004 14:25:47 -0600 (MDT) From: esgport@ucar.edu To: john_smart@ucar.eduSubject: ESG Registration

The Earth System Grid (ESG) Portal received a request for a new user account that uses your email address. Click on the link below to confirm your request (NOTE: you will not be able to login until you receive an email from the portal administrator indicating your request has been approved):

http://www.earthsystemgrid.org/security/confirmRequest.do?token=000000fd-7c62-605c-ffffdea0-766ad9819840

If you did not request this account, please inform us at esg-admin@earthsystemgrid.org.

Thank you,

ESG System Administrator

(b) Email sent to CA operator for approval

From: esgport@ucar.edu Date: July 1, 2004 12:17:07 AM MDT To: esg-ca@ucar.edu Subject: ESG Registration

A request has been made for user account on the ESG Portal. You may access the details of the request by clicking on the following link.

http://www.earthsystemgrid.org/administration/accountRequestData.do?token=000000fd-2e0e-5d33-00006ac0-8387f64897be

Customizable

9

RA/CA Form

Customizable

10

PURSe Portlets

JSR 168 compliant portlets Tested and deployed in GridSphere

JavaServer Faces/MyFaces A suite of 4 different portlets

Registration Forgot Password? User Information Admin interface

Developed as part of OGCE and LEAD projects Current release version is 1.0.1

11

Registering for an account

12

Verifying Email Address

13

Email address confirmed

14

Administrator Approving

15

Administrator Approving

16

User gets acceptance email

17

User can now log in

18

Verifying user account

19

PURSe Portlet Registration Module

Interface org.ogce.purse.api.RegistrationModule Implement onEvent(PurseEvent e) {}; Events:

Registered Confirmed Accepted Password Update

Registration modules for GridSphere 2.1, 2.2

20

Future Work

A 1.1 release coming soon Sync up with mainline PURSe Upgrade MyFaces, migrate to Facelets Add support for group management Add admin create account interface

Batch create as well? Installing scripts

21

Wrap Up

PURSe web page: http://dev.globus.org/wiki/Incubator/PURSe

PURSe Portlets web page: http://www.extreme.indiana.edu/portals/purse-portlets/

Questions? Email: machrist@cs.indiana.edu