Presentatie Code Jam Niels van Dijk

558 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
558
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Presentatie Code Jam Niels van Dijk

  1. 1. SURFconext codeJamNiels van Dijk, Technical Product Manager SURFconextUtrecht, November 2011
  2. 2. The Collaboration gameModern universities are developing towards loose conglomerates of (inter)discipline expertise→ Collaboration is therefore core business→ Scientific collaboration involves groups of people in multiple institutions, disciplines and countries→ Collaboration is about using shared resources
  3. 3. A distributed landscapeLearning and science combines resources from multiple sources:→ The core resources are within the local domain, but may be within multiple institutions → and the generic collaboration services in the cloud
  4. 4. 4 (C) 2009 SURFnet B.V.
  5. 5. SURFconext components
  6. 6. Functional components
  7. 7. Basic Concepts- Identity Federations, SAML and attributes In: AuthN and attributes Out: AuthN, attributes and OpenSocial API- Groups In: SURFteams & external sources Out: OpenSocial API- OpenSocial, Gadgets, Social Data API and oAuth In: attributes Out: OpenSocial API
  8. 8. Identity federations Source: David Simonsen, WAYF
  9. 9. AttributesMapping SAML → OpenSocial
  10. 10. Groups- Groups are either managed centrally (SURFteams), or provided by institutions- Any acceptable user can become a group admin- Groups provide context for applications (but applications decide on AuthZ!)
  11. 11. SURFteams SURFteams Gadgethttps://www.surfteams.nl
  12. 12. OpenSocial ?- General purpose web integration technology (Gadgets)- Open Social Data API for exchanging information on people, groups, activities, etc (Javascript and REST API)- But also: - Lightweight, 2.0 complient and Easy - Open standard, browser based components - Vendor neutral & platform independent - Large user community → wide spread adoption - Uptake moving from Social Networks to R&E and Enterprise
  13. 13. OpenSocial - overviewApp’s Virtual Organization Consumers ‘Social Network’
  14. 14. OpenSocial - GadgetsGadget API<?xml version="1.0" encoding="UTF-8" ?> <Module> <ModulePrefs title="Hello World!"> <Require feature="opensocial-0.8" /> </ModulePrefs> <Content type="html"> <![CDATA[ Hello, world! ]]> </Content> </Module>- Browser based- Lightweight- Optimized for the internet- Can be anywhere
  15. 15. OpenSocial – Gadget Types- Iframe Gadget vs- Full blown gadgets (using REST API, Javascript OSAPI)
  16. 16. Iframe Gadgets+ Much easier to develop+ Leverage SAML SSO for AuthN- Content lives remote- NO context- Potential GUI clashes
  17. 17. SURFteams – Again... SURFteams Gadgethttps://www.surfteams.nl
  18. 18. Javascript Gadgets+ Context (Person, Group)+ Data is local+ Much more flexibility+ GUI independent? OAuth for authentication- More work to develop
  19. 19. Social Data APIProvides API for exchanging ‘social data’, e.g.:- People & Profiles (attributes)- Groups & Relationships- Activities & messages- Shared applications- Authentication (OAuth)
  20. 20. OAuth- RFC 5849: The OAuth 1.0 Protocol- Webservice (REST) authentication framework- SURFconext supports 2 and 3 legged OAuth
  21. 21. 2-legged OAuth2-legged OAuth: 1) SURFconext and 2) an Application server http://wiki.opensocial.org/index.php?title=OAuth_Use_Cases
  22. 22. 3-legged OAuth3-legged OAuth:1) SURFconext and2) an Application server3) plus an authenticated user http://wiki.opensocial.org/index.php?title=OAuth_Use_Cases
  23. 23. Get Conexted!• Connexting an Identity provider• Connexting a Service provider• Providing Gadgets• Leveraging the REST API (& using OAuth)• Domestication
  24. 24. Identity providers• The SURFconext platform does not connect to Identity Providers directly*• But, it is a Service Provider in SURFfederatie• So, either join SURFfederatie as an IdP• Or use eduGain (Geant3)• SURFconext SP metadata https://engine.surfconext.nl/authentication/sp/metadata * that is, some are more equal then others....
  25. 25. Service Providers• the SURFconext platform does connect to Service Providers directly• SURFconext acts as the sole IdP → as the platform is a proxy, it will redirect users to the real IdP, if required• Join SURFfederatie as an SP• Or use eduGain (Geant3)• Meet the technical requirments
  26. 26. Inspiration- Sakai OAE,- Role Project,- Warwick,- UTwente- SciVerse,- OGCE portal- Apache Rave
  27. 27. Questions?Niels.vanDijk@SURFnet.nl SURFconext-beheer@surfnet.nl

×