Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Service Description

Seamless Access (aka thiss.io) is an implementation of the RA21 recommendations for Identity Provider discovery and persistence. The service consists of the following parts:

  1. An Identity Provider Persistence Service which allows SPs to launch an authentication request to the the last used IdP associated with a device/browser.
  2. An implementation of SAML Identity Provider Discovery which persists choices in the Persitence Service
  3. An MDQ implementation covering at least eduGAIN SAML metadata and implementing extensions for metadata search.

Users

The users of the Seamless Access service are:

  1. Service Providers integrating the Persistence Service.
  2. Service Providers integrating the Discovery Service.
  3. End users relying on the service for Discovery and Persistence.

Team

Product managerLead Architect

Operations

L3 support
Marina Adomeit Leif Johansson 

Operations manager- ??

Engineering - Maria Haider, Erik Bergstrom 

Operations - SUNET NOC

Leif Johansson

GÉANT representative in Seamless Access Governance Committee: Klaas Wierenga 

GÉANT representative in Seamless Access Technical Committee: Christos Kanellopoulos

The SeamlessAccess Organisational chart and GEANT participation mapping is available at https://docs.google.com/presentation/d/1z6wghptHOB3l0QM_CCFL9tQbNlMq8AncufH-vMwolYE/edit#slide=id.g97fe49199d_0_0, and current snapshot is available at:

Image Added

Responsibilities of operational team are defined in the OLA document. 

Responsibilities of Service Operations Manager are as follows: 

  • Responsible for the overall operational health of the service, planning and implementing improvements. 
  • Manages the operational team making sure that relevant operational procedures are followed.
  • Responsible to fulfil functions as defined in relevant operational procedures.
  • Defines and put in place new operational procedures as required.
  • Collaborates with Product manager and operational team to plan for deployment of new software releases. 
  • Responsible for creating and maintaining documentation related to service operations. 

Responsibilities of Service Product Manager are as follows: 

  • Works with the UX team and SeamlessAccess Advanced Integrators to structure and conduct user research and interviews. 
  • Develops product requirements for each level of integration and for different stakeholder groups (publishers, research collaborations, federation operators).
  • Develops a full product roadmap, and maintain it depending on incoming influences that can change priorities.
  • Coordinates the work of UX and development team to fulfil the roadmap. 
  • Works with the Outreach Manager to ensure that SPI documentation is complete, clear and helpful; write additional documentation as needed.
  • Collaborates with operational manager and development team on release and deployment plan.
  • Communications with the user community on roadmap and release plan. 

Service Delivery Model

Delivery of Seamless Access service is done through the Coalition for Seamless Access, a collaboration between five organizations – GÉANT, Internet2, the National Information Standards Organization (NISO), ORCID, and the International Association of STM Publishers (STM). Seamless access has in 2019 started the beta service, that will operationally run on a production level quality infrastructure and will conduct a business pilot working with first adopters. Coalition partners  will seek to provide sufficient resources to meet the deliverables defined for each responsibility area as follows:

  • STM: Project secretariat, publisher outreach and UX design
  • NISO: Library outreach
  • GÉANT: Technical development and operations
  • All Parties: Governance, community engagement, and other deliverables as mutually agreed by the Parties

Service Elements

The service consists of the following main components:

  1. Commercial CDNs used to deliver web artifacts (JS, HTML, CSS) to end user browsers.
  2. Frontend software https://github.com/TheIdentitySelector/thiss-js, to be implemented by Service Providers. 
  3. A backend consisting of an MDQ implementation with search extensions enabled (currently pyff.io).

Search function

Discovery service searches for substring in one of the metadata elements that are defined in entity_extended_display_i18n in https://github.com/IdentityPython/pyFF/blob/master/src/pyff/samlmd.py.

Technology Infrastructure

Documented at Seamless Access Deployment Architecture

Supporting Infrastructure

All software components except the CDN are configured and maintained using cosmos+puppet infrastructure at https://github.com/TheIdentitySelector/thiss-ops. Documentation in the docs directory. Monitoring is done using nagios generated automatically from service configuration. Additional monitoring is done using pingdom. Status.io is used to communicate service status

...

This page contains service description outlining how and where service should be used, targeted users, service delivery model and service elements and topology.

RESPONSIBLE: Information provided in this page is initially populated by the development team (during the transition phase), and revised based on the need or in a yearly service check by service_name Service Manager, with exception of CBA which remains the responsibility of business development team.

Service Description

Add brief description of the service, how and where service should be used, typical or key use cases or scenarios (for various groups/levels of end users) and other relevant overview information

Users

Add definition of who are the targeted users, estimate about possible number of users etc.

Contacts

All operations, business development and stakeholders contacts

 

...

Service Delivery Model

Add explanation about organisation of service delivery

Service Elements

Service Elements, with brief descriptions (or links) to products, resource types or instances and technical components or software stack, and indications of their types - if they are developed internally (in-house), OSS, or commercial off-the-shelf products or software. Service elements are grouped in two categories:

Technology Infrastructure

Add list and description of products and resources used to deliver main functionalities of the service. Add service technical architecture - i.e. it is good to have a conceptual architectural diagram and topology diagram.

Supporting Infrastructure

Add list and descriptions of products and resources used to deliver supporting services such as specialized monitoring and measuring systems, configuration management system, issue/request (ticket) management system, reporting system, etc.

Cost Benefit Analysis (CBA)

Provide URL to the last valid CBA.Not applicable at the moment