Feide Connect TNC2014


Published on

Feide Connect presentation at TNC2014

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Feide Connect TNC2014

  1. 1. Feide Connect Next generation service platform for 
 educational users in Norway. andreas.solberg@uninett.no Andreas Åkre Solberg Dublin, May 2014
  2. 2. Feide Connect research and development activity The presented work is from an operational prototype
 varies from experimental to more mature a production-level service is in planning 2
  3. 3. 3 The gap between services’ needs and supporting middleware infrastructure is increasing
  4. 4. What we have today does not properly support mobile does not properly support three-tier,
 services that interacts with services
 (data in other adm.domains) Complex setup (SAML) Complex cross-federation setup 4
  5. 5. 5 Today everything is about APIs
  6. 6. 6 SAML is great for SSO - not everything else
  7. 7. Lets build…
  8. 8. 8 HTTP
  9. 9. 9 HTTP OAuth 2.0 Authorization management
  10. 10. 10 HTTP OAuth 2.0 Authorization management OpenID Connect SCIM VOOTeduPerson++ 3rd party APIs+++PeopleSearch ActivityStreams
  11. 11. 11 HTTP OAuth 2.0 Authorization management OpenID Connect SCIM VOOTeduPerson++ 3rd party APIs+++ App Engine Javascript PaaS Groups AppStore Feed DevDashboard App Documentation App Inspect App Authorization Dialog Workflow UNINETT AS info@uninett.no
  12. 12. Developer Dashboard
  13. 13. 13 Groups Clients GroupEngine Parallell aggregator SCIM VOOT Ad-hoc groups FS Common Student System Feide attributes Feide attributes
  14. 14. 14 Groups Manage ad-hoc groups using groups and peoplesearch APIs
  15. 15. 15 ActivityStreams
  16. 16. 16 etherpad demo Non-intrusive etherpad plugin
 no modifications No external dependencies whatsoever!
 Not even simplesamlphp ;) Uses Feide Connect for 
 authentication and groups. Setup with auto-configure
  17. 17. 17 etherpad demo
  18. 18. 18 Clients API Gatekeeper 3rd party APIs Authorization workflow Auth OAuth server HTTP API + OAuth Self service GET /api/0/items HTTP/1.0 Authorization: xxxxx Host: 3rd-domain.org FC-UserID: andreas@uninett.no FC-Groups: x001, x002, x009 FC-Scopes: readaccess FC-ClientID: 4thparty-org001 3rd.api.feideconnect.edu established trust api.3rdparty.org
  19. 19. 19 Not solved yet Still much implementations to do Contracts and legal work Payment model Smooth logout experience with SLO, OAuth, web, applications and mobile.
  20. 20. 20 …some more stuff
  21. 21. 21 App Store in the works…
  22. 22. 22 Frontend protocols service to service service to platform Javascript window.postMessage «Federated» iframes with isPassive=true
  23. 23. 23 Adobe Connect Widget demo Can be used «anywhere»! Just copy and paste a short JS sniplet. Can easily be setup to adopt surrounding group environment, to set «current group». Fully controlled authorization and access controll for Adobe Connect. No pre- configuration whatsover for endusers.
  24. 24. 24
  25. 25. 25 Autoconfigure demo Simplify registration of service providers Can be prepacked with popular applications;
 in.e. wordpress (plugin demoed) ! Wordpress plugin with no external dependencies.
  26. 26. 26
  27. 27. 27 feed Widget demo Widget push shared news or any «activity» to activity stream Another widget presents «news» within a group in a collaboration service (Liferay)
  28. 28. 2828 Feed Widget! Shows an aggregated feed of activities for the current selected group across all collaboration tools. Share widget! Can be easily integrated anywhere. Will share a link to the current web page to the activity stream for the current user in a selected group context.
  29. 29. 29 That’s it. Thanks for attending this presentation! andreas@uninett.no