Innovation through participation
eduGAIN TrainingFederation Metadata Management Tools
eduGAIN Training Vienna 17 Oct 2011
Brook Schofield, TERENA
Innovation through participation
eduGAIN Metadata Management Opt’s
Goal is to create a SAML metadata file
Tip #1: Brook doesn’t understand this space… proceed with caution.
Options as I see them:
Manual (use an XML editor)
Some Automation via Scripts/Version Control
Metadata Management Tools
– SWITCH Resource Registry
– JANUS-SSP
– Federation Registry (AAF)
Innovation through participation
Types of Federations
4-Types of Federation
Mesh
Hub&Spoke/Centralised
Aggregate (Kalmar2, eduGAIN) have their own tools (MDS)
X.509 (IGTF)
Most prominent are:
Mesh (27 instances)
Hub&Spoke (7 instances either centralised/distributed
Tip #2: Stats from the “Proof of Concept” Service Catalogue.
Innovation through participation
…hand me the envelope!
Question SWITCH RR Fed Reg AAF JANUS-SSP In-House
Which Federation?
SWITCHaai, Haka, NIIF, Edugate
AAF, Tuakiri (NZ), CAFe
WAYF, SURFconext
Belnet, ACOnet-aai, RENATER, AAI@EduHR, SURFfederatie
Customisation Lots None Lots
Language PHP Groovy PHP XSLT, Perl, PHP
Missing Features
Dependent on generation of software.
eduGAIN “opt-in”, MDUI, MD Aggregation
*eduGAIN “opt-in”, MD Aggregation
Self-Service, eduGAIN “optin”, MDUI,MD Aggregate
*Process available but requires documentation.
NB:- Signing of metadata outside the scope of these tools – solutions exist.
Innovation through participation
What is eduGAIN doing about this?
Federation Registry (AAF)
Working with the NZ Summer of eResearch Project
2 students for 10 weeks for 40 hours per week (800 total hours)
Goal is to implement:
– eduGAIN “opt-in” process for Federation Registry
– …and add support for DiscoJuiceJSON
Will pave the way for extra-European federations
JANUS-SSP (Primarily WAYF)
AMRES’ new identity federation utilising JANUS-SSP in mesh arch.
Interest from Edugate and others in extending feature set
Tip #3 Contact Brook if you can participate in this work.