Upload
andreas-akre-solberg
View
523
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Feide Connect presentation at TNC2014
Citation preview
Feide ConnectNext generation service platform for educational users in Norway.
[email protected] Åkre Solberg
Dublin, May 2014
Feide Connect
research and development activity
The presented work is from an operational prototypevaries from experimental to more mature
a production-level service is in planning
2
3
The gap between services’ needs and supporting middleware infrastructure
is increasing
What we have today
does not properly support mobile
does not properly support three-tier, services that interacts with services (data in other adm.domains)
Complex setup (SAML)
Complex cross-federation setup
4
5
Today everything is about
APIs
6
SAML is great for SSO - not everything else
Lets build…
8
HTTP
9
HTTPOAuth 2.0
Authorization management
10
HTTPOAuth 2.0
Authorization managementOpenID Connect SCIM
VOOTeduPerson++
3rd party APIs+++PeopleSearch ActivityStreams
11
HTTPOAuth 2.0
Authorization managementOpenID Connect SCIM
VOOTeduPerson++
3rd party APIs+++
App EngineJavascript PaaS
Groups AppStore Feed
DevDashboard
App
Documentation
App
Inspect
App
Authorization Dialog
Workflow
UNINETT [email protected]
Developer Dashboard
13
Groups
Clients
GroupEngineParallell aggregator
SCIM
VOOT
Ad-hocgroups
FSCommon Student System
Feideattributes
Feideattributes
14
Groups Manage
ad-hoc groups
using groups and peoplesearch
APIs
15
ActivityStreams
16
etherpad demo
Non-intrusive etherpad plugin no modifications
No external dependencies whatsoever! Not even simplesamlphp ;)
Uses Feide Connect for authentication and groups.
Setup with auto-configure
17
etherpad demo
18
Clients
API Gatekeeper
3rd party APIs
Authorization workflow Auth
OAuth server
HTTP API+ OAuth
Selfservice
GET /api/0/items HTTP/1.0Authorization: xxxxxHost: 3rd-domain.orgFC-UserID: [email protected]: x001, x002, x009FC-Scopes: readaccessFC-ClientID: 4thparty-org001
3rd.api.feideconnect.edu
established trust
api.3rdparty.org
19
Not solved yet
Still much implementations to do
Contracts and legal work
Payment model
Smooth logout experience with SLO, OAuth, web, applications and mobile.
20
…some more stuff
21
App Store in the works…
22
Frontend protocols service to service
service to platform
Javascript window.postMessage «Federated» iframes with isPassive=true
23
Adobe Connect Widget demoCan be used «anywhere»!
Just copy and paste a short JS sniplet.
Can easily be setup to adopt surrounding group environment, to set «current group».
Fully controlled authorization and access controll for Adobe Connect. No pre-configuration whatsover for endusers.
24
25
Autoconfigure demoSimplify registration of service providers
Can be prepacked with popular applications;in.e. wordpress (plugin demoed)
!Wordpress plugin with no external dependencies.
26
27
feed Widget demo
Widget push shared news or any «activity» to activity stream
Another widget presents «news» within a group in a collaboration service (Liferay)
2828
Feed Widget!Shows an aggregated feed of activities for the current
selected group across all collaboration tools.
Share widget!Can be easily integrated anywhere. Will share a link to the current web page
to the activity stream for the current user in a selected group context.