keystone apache authn
TRANSCRIPT
[ ]Environment:Auth_TypeRemote UserIdentity AttributesIDP nameApache
Front end
Mod shib
Mod mellon
Mod openID
Mod etc
To IDP
Keystone
AUTHN
PW
token
saml2
external
Current Design
Hack Config parameter (because not all Mods produce same info)# Value to be used when filtering assertion parameters from# the environment. (string value)assertion_prefix=”Mellon”
RemoteKeystone
X
[ ]Environment:Auth_TypeRemote UserIdentity AttributesIDP nameApache
Front end
Mod shib
Mod mellon
Mod openID
Mod etc
To IDP
Keystone
AUTHN
PW
token
mellon
external
shib
openid
Proposed Design (1)
etc
RemoteKeystone
Keystone
Have a new Authn plugin for each Apache plugin and eachexternal protocol (such as Keystone) we want to supportEach plugin returns the same formatted info to Authn
[ ]Environment:Auth_TypeRemote UserIdentity AttributesIDP nameApache
Front end
Mod shib
Mod Mellon
Mod Open
IDMod etc
To IDP
Keystone
AUTHN
PW
token
mellon
external
Token creation
shibopenid
Proposed Design (2)
etc
RemoteKeystone
Keystone
Have a new Keystone module for each Apache plugin and eachexternal protocol (such as Keystone) we want to supportEach module provides the same formatted info to Token Creation