Changes between Version 2 and Version 3 of T12_Security/OMII-UK/20080214


Ignore:
Timestamp:
14/02/08 11:42:24 (11 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • T12_Security/OMII-UK/20080214

    v2 v3  
    55=== 01: Documentation === 
    66 * Completed [http://proj.badc.rl.ac.uk/ndg/browser/TI12-security/trunk/documentation/ComputationalViewpoint/NDGSecurityComputationalViewpoint.pdf?format=raw NDG Security Computational Viewpoint] design document.  This gives an overview of the NDG Security system architecture. 
     7 * Installation Guide updated to include instructions for configuring !MyProxy as a SimpleCA and PAM interface to target site specific authentication system. 
    78 
    89=== 02: Port services into WSGI framework === 
    9 Recently experimented with paster using the `pylons_minimal` template.  This should provide a good basis for security services however it's not clear whether it would support a handler based mechanism needed for WS-Security. 
     10Recently experimented with paster using the `pylons_minimal` template.  This should provide a good basis for security services. 
    1011 
    1112=== 03: Use !MyProxy as a Simple CA (#928) === 
    12  
    13 [[WikiInclude(ticket:928)]] 
    14  
    15 NDG Security is now deployed at BADC, BODC, PML and NOCS.  Single sign on has  
    16 been tested across sites but work remains to be done to integrate NDG role  
    17 allocation and access control with existing site infrastructures. 
    18  * Oracle PAM plugin: contacted NGS for  
     13This is to enable !MyProxy to interface with NDG partner sites' existing authentication mechanism i.e. via a user database: 
     14 * BADC having working version integrated against a Postgres database 
     15 * PML also use Postgres and will copy BADC installation 
     16 * BODC require a PAM to plugin to Oracle.   
     17  * Enquiries have been made with the NGS at RAL to see if they have had experience with something like this but the answer is no. 
     18  * An Open Source Oracle PAM is available pam_oci8 based on the OCI8 C library client wrapper to Oracle.  However, this does not appear to be supported anymore and doesn't include capability for MD5 encryption of passwords.  This module has been adapted to the latter and tested at BODC 
     19  * BODC will make a support request to Oracle to see if there is an off-the-shelf package. 
     20 * NOCS: todo - try MySQL PAM. 
    1921 
    2022=== OMII-UK Site === 
     
    2325 
    2426=== Project Management === 
    25 The project is now entered into Trac tickets and the [http://www.taskjuggler.org TaskJuggler] Project Management tool. 
     27The project is now entered into Trac tickets and the [http://www.taskjuggler.org TaskJuggler] Project Management tool with a new baseline to reflect changes discussed in the 3 monthly meeting.