wiki:T12_Security/OMII-UK/20080417

Version 4 (modified by pjkersha, 11 years ago) (diff)

--

NDG Security

Home | Research | Architecture | Documentation | Downloads | Discussion | OMII-UK | ESG and IPCC AR5 | DEWS | Admin Quick Start


OMII-UK NDG Security Status Report 2008/04/17

Summary

Work has focussed on the three areas as agreed in the last progress meeting: completion of site deployments; Java client interface; and OpenID interface:

  1. Completion of Deployments:
    • Security is now deployed at partner sites: NEODAAS (Plymouth) and NOCS (Southampton). Single Sign On and access to secured data has been demonstrated for PML and NOCSs users to BADC data. Problems: partner sites have limited resources for ongoing deployment work now that NDG2 is finished. More work is needed to get datasets secured and served through the NDG Browse interface. TODO: update BODC deployment for NDG Browse and security
    • The Single Sign On and Gatekeeper (#963) interfaces for NDG Browse have been separated from the Browse code stack and made standalone within the NDG Security package.
    • A client interface has been written for the existing BADC data browser for NDG Security to enable NDG partners to access data through this mechanism.
  2. Java Client Interface
    • Some progress has been made with Python WS-Security - WSS4J interface. Signature verification is working but WSS4J certificate chain validation fails. Bryan Carpenter has provided support with this. There appears to be a bug with the WSS4J code.

Other

  • Fred Lundh has completed work on a Canonicalizer ElementTree XML package. This will be integrated into the WS-Security package.
  • Contacted SPAM-GP team and got advice about how best to implement Shibboleth SP interface for NDG
  • Written report on options for  Shibboleth Integration