An open discussion list for topics related to the eduGAIN interfederation service.

[Niels van Dijk <niels.vandijk AT surfnet.nl>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nice!

Just tested it with one of my services, and this works well :)

2 requests:
- - can I get a slightly more convenient way of seeing username/passwd
and associated attributes?
- - can I download the account details?

I think both could be covered if the Test Accounts page would feature
a CSV or TXT download of the accounts. This would instantly solve the
"Please keep a record of the above user names and passwords" issue ;)

Also a few questions:
- - are you reassiging ePPNs? I am think here of a case where I would
allow somebody with ePPN 19 AT access-check.edugain.org access, but after
7 days that might be assigned to somebody else?
- - the accounts show: "eduPersonTargetedID: value dynamically generated
by the SP" -> will the give a persistent or a transient value?
- - The check seems to ignore the SPs attribute retirements from SP
metadata. Is that intentionally?


Then a more philosophical question:
Our federation does not like/allow test entities to be published into
eduGAIN, as we would typically want them to think about stuff like
attributes and test that with a testbed like this one *before* they
connect to eduGAIN. We e.g. require an attribute request statment
before a SP can join our federation.

I feel therefore it would make sense to also allow SPs to test their
setup before getting into eduGAIN. This would require a serie to
provide a metadata URL, not select one from existing metadata. What do
you think?

Many thanks,

Niels

On 08-09-15 15:41, Olivier Salaün wrote:
> Hello all
> 
> Have you ever wanted to test login on your eduGAIN Service Provider
> with different identities (staff, student, researchers) from a
> eduGAIN different Identity Provider than your own?
> 
> If so, we recommend you to have a look at the "eduGAIN Access
> Check" service that allows administrators of eduGAIN SPs to test
> federated login of their own service with different user
> (attribute) profiles. This is especially useful if the operators of
> an eduGAIN service don't have an eduGAIN-enabled account themselves
> (e.g. cloud providers or researchers whose institution is not in
> eduGAIN yet). But it is also useful in case one wants to test login
> from another eduGAIN Identity Provider than the one from his own
> institution.
> 
> The eduGAIN Access Check provides realistic short-time user
> profiles (users with non-ascii names, incomplete attribute sets) to
> help SP administrators improve and adapt their eduGAIN-enabled
> service.
> 
> If you want to try the eduGAIN Access Check service and learn more
> about it, find the service and its description at:
> 
> <https://access-check.edugain.org/>
> 
> Feel also free to let other Service Providers know about the
> eduGAIN Access Check; they might find it useful if they consider
> joining eduGAIN.
> 
> As the service development continues, we are also looking forward
> to getting feedback and inputs.
> 
> --
> 
> 
> 
> *Olivier Salaün* Etudes et projets applicatifs
> 
> Tél : +33 2 23 23 71 27 Fax : +33 2 23 23 71 11 
> <http://www.renater.fr>www.renater.fr RENATER 263 Avenue du Gal
> Leclerc 35042 Rennes Cedex
> 
> 
> 


- -- 

Please note:
On January 1st, 2015 SURFnet moved to a new office.
New Visiting address: Kantoren Hoog Overborch (Hoog Catharijne)
Moreelsepark 48, 3511 EP Utrecht
Postal address: PO Box 19035, 3501 DA Utrecht
New Telephone: +31 88-7873000
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJV7u0bAAoJECCFeCvee7L1SoUQAJBF2XRv7WG8a0+col57iKND
TOYLVW+qAIcjfYR8P8lX8sz4axjaNwTdiH/7p0w+CGePCZBKmept+gJaLxdurKg/
At7PKP3htH+DICzcxHFjfGBH1WpxME5S8mME1BvYL/cNRssyQhUbyF3izOvlP1hv
6NWrntfhsLWDfDOOisUOKPpw5RlwifWgDCU0Kx7YvNulqpCJpOLIwMUVbWjw5KJh
GvvY+nuGIa7tfdPbmbVCA8q/5MdJM+I7h40Df2OJQRiZ12bmUH3x90RFzkTl7EKf
4YZZWKbNGNCcm5PETo4P4t1GYkgU0Qu15Z/AtMruf4oSlTQR2tafzB/hOv8+U28X
HobMxt7qJTdKqoPXXZB1BLZeSx4OZRhz4y07u0U+2PXRUV4LlwhIhtPXVHp6bKDx
RJlfukKKNTshs8zgTkCD27xJ+5gfisaNk75BYUbNjqVZBs9S2cPphcodG3/QZqLS
owv3cxqzTwX+KDEOZp8agkOKsrvnrcmmr932kZKsJHmdlpDstAVEVrrHTsSY2RSQ
qKe4vDI9LFUz1mnC9shBo2DOTbd0da97VwNYuZjq+Pm3S4zqqqhMxx1KsQQ/svW3
Z3Zl3JiK4eUoaX4O2o2KjjGghwnhSzrdwq0xud/nsQkvk/1jHzNiNLTS7OhkE3r3
DUYcQXlhRzc9yAhsHorx
=BBbP
-----END PGP SIGNATURE-----