Version 9 (modified by pjkersha, 13 years ago) (diff)


Data Provider Deployment

This page explores how a Data Provider deploys and configures NDG Security.

Use Case

A Use Case? looks at the steps in this process.

Relevant Documents

Deployment Diagram

This illustrates a possible configuration for deployment of the required components and services



  • Security Web Services must be exposed to the outside world, for example to allow issuing of new certificates for users via the NDG Simple CA web service or negotiation of authorisation of a resource between Session Managers and Attribute Authorities of different NDG sites.
  • Two alternate configurations are presented for access of web services to the external network:
    1. Redirect through port 80 and assigned URI (may be achieved with Apache using a ProxyPass directive)
    2. Open dedicated ports for each service in the firewall
  • MyProxy and database resources are shielded within the firewall


  • Data Provider serves user roles via tables in a user database
  • The Credential Repository is implemented as a database
  • User database and Credential Repository reside on the same server
  • Security Web Services reside on the same host