wiki:TI12_Security/betaCriticalPath

Version 3 (modified by pjkersha, 12 years ago) (diff)

--

Critical Path for BETA+Security

Issues

  1. Do we deploy at all NDG partners / only BADC / BADC + one other? We would need at least the latter to demonstrate role mapping and cross site single sign on.
  2. Do we need a completed SimpleCA Web Service? It's not a straightforward upgrade from the Alpha version because the client for Alpha required a Globus client. As with MyProxy we want this eliminated for beta. Nb. the SimpleCA Web Service would be superceded in any case if we make the planned change later this year to use MyProxy as a CA. In the meantime we can run a batch script to generate all the certificates we need at BADC without the need to use an upgraded SimpleCA service. Generation of all user certs at other sites could be more problematic. However, BODC for example only had a handful of users set-up for NDG Alpha tests.

Tasks

  1. Complete Development
    1. Attribute Authority (done)
    2. MyProxy Client (done)
    3. WS-Security interface (done) This is now modified to allow inclusion of certificate trust chains required with use of proxy certificates.
    4. Security Eggs (done) but require minor tweaks.
    5. Session Manager - minor changes [1 day, total 1]
    6. Login Service [3 days, total 4]
    7. NDG Session Client. This enables other partners to call NDG security from their non-Python based client code by calling it as an executable script. It needs upgrading from the Alpha version. [1 day, total 5]
    8. Convert to Python 2.5 (will require minor changes e.g. to fix ElementTree import statements. No other known issues. [1 day, total 6]
    9. Simple CA Service (not essential to BETA+Security - see Issues above) [3 days, total 9]
    10. Logging Service (not essential to BETA+Security - Logging is not integrated into the rest of NDG Security but it's desirable. There is a problem in the syslogger call which needs flagging with the Python mailing list) [2 days, total 11]
  2. Deploy at BADC
    1. Client egg install (Bryan so that he can link up Browse services) [1 day, total 12]
    2. Server egg install on glue [1 day, total 13]
    3. Postgres Attribute Authority plugin [1 day, total 14]
  3. Deploy at BODC [suggested deployment at one other site - see Issue 1) above]
    1. Browse config + Security Client egg install [1 day, total 15]
    2. Server egg install [1 day, total 16]
    3. Oracle Attribute Authority plugin [1 day, total 17]
  1. Integration testing, bug fixes [4 days, total 21]