Presentatie Code Jam Niels van Dijk
-
Upload
kirstenveelo -
Category
Technology
-
view
411 -
download
0
Transcript of Presentatie Code Jam Niels van Dijk
![Page 1: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/1.jpg)
SURFconext codeJamNiels van Dijk, Technical Product Manager SURFconext
Utrecht, November 2011
![Page 2: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/2.jpg)
The Collaboration game
Modern universities are developing towards loose
conglomerates of (inter)discipline expertise
→ Collaboration is therefore core business
→ Scientific collaboration involves groups of people
in multiple institutions, disciplines and countries
→ Collaboration is about using shared resources
![Page 3: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/3.jpg)
A distributed landscape
Learning and science combines resources from
multiple sources:
→ The core resources are within the 'local' domain,
but may be within multiple institutions
→ and the generic collaboration services in 'the
cloud'
![Page 4: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/4.jpg)
(C) 2009 SURFnet B.V.4
![Page 5: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/5.jpg)
SURFconext componentsSURFconext components
![Page 6: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/6.jpg)
Functional componentsFunctional components
![Page 7: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/7.jpg)
Basic Concepts
- Identity Federations, SAML and attributesIn: AuthN and attributesOut: AuthN, attributes and OpenSocial API
- GroupsIn: SURFteams & external sourcesOut: OpenSocial API
- OpenSocial, Gadgets, Social Data API and oAuthIn: attributesOut: OpenSocial API
![Page 8: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/8.jpg)
Identity federations
Source: David Simonsen, WAYF
![Page 9: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/9.jpg)
Attributes
Mapping SAML → OpenSocial
![Page 10: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/10.jpg)
Groups
- Groups are either managed centrally (SURFteams),
or provided by institutions
- Any acceptable user can become a group 'admin'
- Groups provide context for applications
(but applications decide on AuthZ!)
![Page 11: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/11.jpg)
SURFteams
https://www.surfteams.nl
SURFteams Gadget
![Page 12: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/12.jpg)
OpenSocial ?
- General purpose web integration technology ('Gadgets')
- Open 'Social Data' API for exchanging information on people, groups, activities, etc (Javascript and REST API)
- But also:- Lightweight, '2.0' complient and 'Easy'- Open standard, browser based components- Vendor neutral & platform independent- Large user community → wide spread adoption- Uptake moving from Social Networks to R&E and
Enterprise
![Page 13: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/13.jpg)
OpenSocial - overviewOpenSocial - overview
App’s Virtual Organization ConsumersApp’s Virtual Organization Consumers ‘ ‘Social Network’Social Network’
![Page 14: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/14.jpg)
OpenSocial - GadgetsOpenSocial - Gadgets
Gadget APIGadget API
- Browser based- Browser based- Lightweight- Lightweight- Optimized for the internet- Optimized for the internet- Can be anywhere- Can be anywhere
<?xml version="1.0" encoding="UTF-8" ?> <Module> <ModulePrefs title="Hello World!"> <Require feature="opensocial-0.8" /> </ModulePrefs> <Content type="html"> <![CDATA[ Hello, world! ]]> </Content> </Module>
![Page 15: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/15.jpg)
OpenSocial – Gadget TypesOpenSocial – Gadget Types
- Iframe Gadget vs
- 'Full blown' gadgets (using REST API, Javascript OSAPI)
![Page 16: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/16.jpg)
Iframe GadgetsIframe Gadgets
+ Much easier to develop
+ Leverage SAML SSO for AuthN
- Content lives remote
- NO context
- Potential GUI clashes
![Page 17: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/17.jpg)
SURFteams – Again...
https://www.surfteams.nl
SURFteams Gadget
![Page 18: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/18.jpg)
Javascript GadgetsJavascript Gadgets
+ Context (Person, Group)
+ Data is 'local'
+ Much more flexibility
+ GUI independent
? OAuth for authentication
- More work to develop
![Page 19: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/19.jpg)
Social Data APISocial Data API
Provides API for exchanging ‘social data’, e.g.: Provides API for exchanging ‘social data’, e.g.: - People & Profiles (attributes)- Groups & Relationships- Activities & messages - Shared applications - Authentication (OAuth)(OAuth)
![Page 20: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/20.jpg)
OAuth
- RFC 5849: The OAuth 1.0 Protocol
- Webservice (REST) authentication framework
- SURFconext supports
2 and 3 legged OAuth
![Page 21: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/21.jpg)
2-legged OAuth
2-legged OAuth:
1) SURFconext and
2) an Application server
http://wiki.opensocial.org/index.php?title=OAuth_Use_Cases
![Page 22: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/22.jpg)
3-legged OAuth
3-legged OAuth:
1) SURFconext and
2) an Application server
3) plus an authenticated user
http://wiki.opensocial.org/index.php?title=OAuth_Use_Cases
![Page 23: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/23.jpg)
Get Conexted!
• Connexting an Identity provider
• Connexting a Service provider
• Providing Gadgets
• Leveraging the REST API (& using OAuth)
• Domestication
![Page 24: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/24.jpg)
Identity providers
• The SURFconext platform does not connect to Identity Providers directly*
• But, it is a Service Provider in SURFfederatie
• So, either join SURFfederatie as an IdP
• Or use eduGain (Geant3)
• SURFconext SP metadatahttps://engine.surfconext.nl/authentication/sp/metadata
* that is, some are more equal then others....
![Page 25: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/25.jpg)
Service Providers
• the SURFconext platform does connect to Service Providers directly
• SURFconext acts as the sole IdP→ as the platform is a proxy, it will redirect users to the real IdP, if required
• Join SURFfederatie as an SP
• Or use eduGain (Geant3)
• Meet the technical requirments
![Page 26: Presentatie Code Jam Niels van Dijk](https://reader036.fdocuments.in/reader036/viewer/2022062312/55514a4fb4c905c6268b50c7/html5/thumbnails/26.jpg)
InspirationInspiration
- Sakai OAE,
- Role Project,
- Warwick,
- UTwente
- SciVerse,
- OGCE portal
- Apache Rave