Ticket #1062 (new task)

Opened 10 years ago

Last modified 10 years ago

[S] ESG Federation OpenID Site Whitelisting

Reported by: pjkersha Owned by: pjkersha
Priority: required Milestone: CMIP5 Security
Component: security Version:
Keywords: ESG Cc:

Description

OpenID Relying Parties need the capability to authenticate any given OpenID Provider selected by the user. OpenID RPs will keep a whitelist of acceptable OPs. Authentication is by SSL. HTTPS is mandated for RP -> OP connections.

Likewise, OpenID Providers need the capability to authenticate the Relying Party they are returning credentials to.

  • implement SSL mutual authentication (this may require a request to modify the Python OpenID implementation) e.g. to enable an M2Crypto or pyOpenSSL based call to retrieve the OpenID Provider Yadis document.
  • implement handling and configuration of whitelisting metadata.
  • end to end testing against ESG testbed.

Change History

comment:1 Changed 10 years ago by pjkersha

  • Summary changed from ESG Federation OpenID Site Whitelisting to [S] ESG Federation OpenID Site Whitelisting
Note: See TracTickets for help on using tickets.