Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Authentication Service 2.0
Revision as of 02:33, 30 July 2009 by Ptrevithick.gmail.com (Talk | contribs) (New page: This page describes a new network Authentication Service 1.1. The idea would be move Higgins services to a federated model. This would mean that both the Higgins Selector and all r...)
This page describes a new network Authentication Service 1.1. The idea would be move Higgins services to a federated model. This would mean that both the Higgins Selector and all related supporting services (e.g. I-Card Service 1.1, CardSync Service 1.1, etc.) would rely on this new, external Authentication Service 1.1.
LICS Authentication
Changes required to the un/pw login dialog box:
- Allow the user to login not just with a "local" un/pw approach, but also via one of a number of trusted OpenID (or SAML) providers. This would mean that the user could choose between "local" login (today's approach) or by clicking on 1..N buttons that represent OpenID or SAML IdPs.
- There could be a checkbox: "Clear all data from this machine when quitting this application"
- The login module would initiate an OpenID/Oauth interaction with the IdP.
- The login module would (through browser redirect back) end up with an access token
- The Local I-Card Service Package would send this access token on every message to the I-Card Service 1.1, CardSync Service 1.1, IdAS Proxy Service 1.1 and the Attribute Service 1.1.