Name: umbrellaID Technical Training
Start: 2021-02-04T09:30:00+01:00
End: 2021-02-04T17:00:00+01:00
Location: No location set

umbrellaID Technical Training

Thursday 4 February 2021 - 09:30

Monday 1 February 2021
Tuesday 2 February 2021
Wednesday 3 February 2021
Thursday 4 February 2021
09:30 Introduction - BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut) Jean-François Perrin (ESRF)
Introduction
- BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut)
- Jean-François Perrin (ESRF)
09:30 - 09:45
09:45 What is umbrellaID and current status of developments - Jean-François Perrin (ESRF)
What is umbrellaID and current status of developments
- Jean-François Perrin (ESRF)
09:45 - 10:00
10:00 Overview of AARC and EOSC AAI - Christos Kanellopoulos
Overview of AARC and EOSC AAI
- Christos Kanellopoulos
10:00 - 10:25
10:25 Authorisation Model - Jean-François Perrin (ESRF)
Authorisation Model
- Jean-François Perrin (ESRF)
10:25 - 10:45
Local mapping of identities. Community model.
10:45 Morning virtual coffee break
Morning virtual coffee break
10:45 - 11:00
11:00 SSO - SAML and OIDC - Christos Kanellopoulos BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut)
SSO - SAML and OIDC
- Christos Kanellopoulos
- BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut)
11:00 - 11:45
Introduction of protocols. Explanation of the workflows. How are the tokens travelling? Tools for debugging. Q&A
11:45 Keycloak introduction - Jean-François Perrin (ESRF)
Keycloak introduction
- Jean-François Perrin (ESRF)
11:45 - 12:00
Local SSO, keycloak as an example.
12:00 Lunch
Lunch
12:00 - 13:30
13:30 Hands on session: Keycloak deployment and integration with UmbrellaID - Jean-François Perrin (ESRF)
Hands on session: Keycloak deployment and integration with UmbrellaID
- Jean-François Perrin (ESRF)
13:30 - 15:15
In order to get the full benefit from this session, participants need to have access to a Linux machine (a VM will be perfect) and are guided in installing keycloak. This machine should have access to the internet and should be accessible from the internet (ideally direct access, but HTTP proxy and reverse HTTP proxy are also valid scenarios to get these access). DNS resolution should be in place and should be identical from everywhere (I.E. the machine should be referenced with the same domain name from the RI/lab intranet and public internet network), you also need to have a valid X509 server certificate. Once the keycloak instance will be set up we will link it to the umbrellaID acceptance environment to demonstrate the full flow.
15:15 Afternoon virtual coffee break
Afternoon virtual coffee break
15:15 - 15:30
15:30 cURL demonstration of OIDC and the integration in your application - Christos Kanellopoulos BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut)
cURL demonstration of OIDC and the integration in your application
- Christos Kanellopoulos
- BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut)
15:30 - 16:30
16:30 Wrapup and Q&A - Christos Kanellopoulos BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut) Jean-François Perrin (ESRF)
Wrapup and Q&A
- Christos Kanellopoulos
- BjÃ¶rn Erik Abt (PSI - Paul Scherrer Institut)
- Jean-François Perrin (ESRF)
16:30 - 16:50