[[WikiInclude(T12_Security/_menu)]]
[[PageOutline]]
== OMII-UK NDG Security Status Report 2009/01/06 ==

=== Summary ===
 1. Integration of NDG Security into the BADC Data Browser the main data access point for the BADC.
   * Andrew Harwood the BADC's site administrator has done further work to integrate the NDG Security single sign on into the My BADC and other sections of the site requiring login
   * deployment on production system due in the next few weeks
   * Authorization components will be phased in gradually replacing the BADC's legacy authorization system.
 1. #927 Port services into WSGI framework:
   * All services are ported now.  This gives the capability to chain services together in a single web application container or deploy individually.  WSGI components include:
    * Session Manager
    * Attribute Authority
    * OpenID Provider
    * OpenID Relying Party
    * Generic SOAP WSGI
    * WS-Security Signature Handler
    * SSL Client Authentication Handler
 1. #929 Documentation: changes for #927 make the installation process much simpler.  The installation guide needs to be revised.
 1. #983 OpenID Provider
   * Implementation completed and tested.  Requires rollout and securing with SSL probably using SSL Client Authentication WSGI mention above.
 1. #938 Java Client Interface:
   * Require regeneration of stubs following modifications to WSDLs
 1. #940 WS-Security for ZSI: Still to do - make into an independent package for release to Python community.
 1. #941 !MyProxy client: made separate package ready for upload to PyPI (Python's equivalent of CPAN), waiting confirmation about licensing from 3rd parties.
 1. #958 Collaborating with Earth System Grid partners to agree format of messages.  Telecon to be scheduled for this month.

=== Other Relevant ===
 1. Simon Hettrick has published an article on NDG Security in the OMII-UK newsletter
 1. Final Project meeting date TBD.