Table of Contents |
---|
Introduction
The main goal of this pilot is to allow end-users to transparently access EGI and EUDAT resources.
Demonstration
Use case 1a: An EGI user accesses an EUDAT web portal using his/her EGI CheckIn ID
Prerequisites:
- EGI CheckIn is registered as an IdP with B2ACCESS
User flow
- EGI User uses their web browser to visit EUDAT service
- EGI User logins → redirected to B2ACCESS
- EGI User chooses EGI CheckIn IdP in B2ACCESS → redirected to EGI CheckIn IdP discovery page
- EGI User chooses their home IdP in EGI CheckIn IdP discovery page → redirected to home IdP
- EGI User gets authenticated → redirected back to EUDAT service via EGI CheckIn and B2ACCESS
Use case 1b: An EUDAT user accesses an EGI web portal using his/her EUDAT B2ACCESS ID
Prerequisites:
- EUDAT B2ACCESS is registered as an IdP with EGI CheckIn
User flow
- EUDAT User uses their web browser to visit EGI service
- EUDAT User logins → redirected to CheckIn
- EUDAT User chooses B2ACCESS in CheckIn IdP discovery page → redirected to B2ACCESS IdP discovery page
- EUDAT User chooses their home IdP in B2ACCESS IdP discovery page → redirected to home IdP
- EUADT User gets authenticated → redirected back to EGI service via B2ACCESS and EGI CheckIn
Use case 2a: An EUDAT user accesses EGI non-web-browser-based resources using X.509 credentials issued by Online CA based on his/her EUDAT B2ACCESS ID
Prerequisites:
- EUDAT B2ACCESS is registered as an IdP with EGI CheckIn
- EGI Master Portal registered with Delegation Server/Online CA
Use case 2b: An EGI user accesses EUDAT non-web-browser-based resources using X.509 credentials issued by Online CA based on his/her EGI CheckIn ID
Prerequisites:
- EGI CheckIn is registered as an IdP with B2ACCESS
- EUDAT Master Portal registered with Delegation Server/Online CA
Components
- SimpleSAMLphp (EGI CheckIn SP/IdP Proxy)
- Unity IDM (EUDAT B2ACCESS SP/IdP Proxy)
- Master Portal (One dedicated instance per AAI)
- VO Portal (One dedicated instance per AAI)
- RCauth.eu Online CA / Delegation server (Online CA shared by both EUDAT and EGI AAI)