Hi all, are there any on-going initiatives implementing single-sign-on
in GeoNetwork ? Any recommendations for that (security framework,
information to store in the ldap, ...) ?
Here in Camptocamp, we made one basic implementation 2 years ago using a
servlet filter on top of GeoNetwork using CAS and Ldap. Roles and Groups
were stored in the ldap. Major issues we have with this implementation are :
* based on GeoNetwork 2.0.3
* could not easily switch db auth / cas auth
* only authentication access allowed (no public view)
We plan to work on a more robust one to be proposed for trunk so if some
of you have some recommendations before we start working on it feel free
to comments.
Thanks a lot.
Francois
Hi Francois,
This is something that should at least partially be covered by James' Add Shibboleth as an authentication option proposal. (http://shibboleth.internet2.edu/about.html). It is also a subject that needs work on the ebRIM side of things. It would be nice to fit it in there in a clean way so we get that branch in good shape to start transferring existing GeoNetwork services into it at a later stage. The ebRIM branch as you know is using a couple of more common frameworks and coding practices.
Ciao,
Jeroen
On Mar 26, 2009, at 7:59 AM, Francois-Xavier Prunayre wrote:
Hi all, are there any on-going initiatives implementing single-sign-on
in GeoNetwork ? Any recommendations for that (security framework,
information to store in the ldap, ...) ?
Here in Camptocamp, we made one basic implementation 2 years ago using a
servlet filter on top of GeoNetwork using CAS and Ldap. Roles and Groups
were stored in the ldap. Major issues we have with this implementation are :
* based on GeoNetwork 2.0.3
* could not easily switch db auth / cas auth
* only authentication access allowed (no public view)
We plan to work on a more robust one to be proposed for trunk so if some
of you have some recommendations before we start working on it feel free
to comments.
Thanks a lot.
Francois
------------------------------------------------------------------------------
_______________________________________________
GeoNetwork-devel mailing list
GeoNetwork-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at http://sourceforge.net/projects/geonetwork
Hi all,
there are any news on that topic? Is Shibboleth/SSO implemented at
Geonetwork yet?
Do I understand this right that Shibboleth/SSO needs ebRIM to work?
Thanks.
regards
Sarah
Jeroen Ticheler - 2 wrote:
Hi Francois,
This is something that should at least partially be covered by James'
Add Shibboleth as an authentication option proposal.
(http://shibboleth.internet2.edu/about.html
). It is also a subject that needs work on the ebRIM side of things.
It would be nice to fit it in there in a clean way so we get that
branch in good shape to start transferring existing GeoNetwork
services into it at a later stage. The ebRIM branch as you know is
using a couple of more common frameworks and coding practices.
Ciao,
Jeroen
On Mar 26, 2009, at 7:59 AM, Francois-Xavier Prunayre wrote:
Hi all, are there any on-going initiatives implementing single-sign-on
in GeoNetwork ? Any recommendations for that (security framework,
information to store in the ldap, ...) ?
Here in Camptocamp, we made one basic implementation 2 years ago
using a
servlet filter on top of GeoNetwork using CAS and Ldap. Roles and
Groups
were stored in the ldap. Major issues we have with this
implementation are :
* based on GeoNetwork 2.0.3
* could not easily switch db auth / cas auth
* only authentication access allowed (no public view)
We plan to work on a more robust one to be proposed for trunk so if
some
of you have some recommendations before we start working on it feel
free
to comments.
Thanks a lot.
Francois
------------------------------------------------------------------------------
_______________________________________________
GeoNetwork-devel mailing list
GeoNetwork-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at
http://sourceforge.net/projects/geonetwork
------------------------------------------------------------------------------
_______________________________________________
GeoNetwork-devel mailing list
GeoNetwork-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geonetwork-devel
GeoNetwork OpenSource is maintained at
http://sourceforge.net/projects/geonetwork
--
View this message in context: http://n2.nabble.com/SSO-tp2536905p3973181.html
Sent from the GeoNetwork developer mailing list archive at Nabble.com.