Discovery & Login Status: Some thoughts for federation operators. Rod Widdowson, EDINA
Status Next generation software is here or nearly here. Shibboleth: EDS V1.0. IdP 2.3. SP 2.4. DiscoJuice. But the work now moves to federation operators.
Take-aways from this talk “Discovery & Login” Extensions are really important: Make recommendations about them. Start collecting them. Engage with entity operators about them. ... And don’t forget your own discovery service
Discovery Extensions? A picture may be worth 1024 words (which is between 1024 and 4096 octets depending on the architecture in question)
WAS: Start at the SP
WAS: Go to the DS
WAS: Thence to the IdP
To note: Three different web pages. Three different brandings, one of which is probably completely strange to the first time user. There is no indication that you are doing the right thing.
With Added Extensions: SP
Embedded Discovery Service
IdP
SP
Centralized Discovery Service
IdP
And DiscoJuice
Discovery extensions? Or “SAML V2.0 Metadata Extensions for Login and Discovery User Interface Version 1.0” as it likes to be known. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ui/v1.0/sstc-saml-metadata-ui-v1.0.pdf User Information Hinting Information
User Info	 Things used in the UI to ease discovery and login. Display Name. Display Description. Logos. Keywords. Information & Privacy Statement URLs.
Logo But what sizes? Shibboleth recommendations: IdPs https://wiki.shibboleth.net/confluence/display/EDS10/4.+Metadata+Considerations SPs https://wiki.shibboleth.net/confluence/display/SHIB2/IdPMDUIRecommendations Your CDS will also have recommendations. As will policy.
Hinting Geo: “If you are physically close to a campus you may prefer that IdP”. IP: “If you are on a campus IP address you may prefer that IdP”. DNS: “If your machine has a campus DNS, you may prefer that IdP”.
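As an added example (not part of the original slides), here is one way a federation operator could start collecting these extensions: a Python audit that walks a metadata aggregate and reports, per IdP or SP role, which user-info elements are missing and whether Logo and IPHint values are well formed. The entity IDs, URLs and addresses are constructed placeholders, and the https-or-data: logo rule is an assumed federation policy; it expects metadata whose signature has already been verified.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdui": "urn:oasis:names:tc:SAML:metadata:ui"}
# The "User Info" items from the slides, by their MDUI element names.
USER_INFO = ["DisplayName", "Description", "Logo", "Keywords",
             "InformationURL", "PrivacyStatementURL"]

# Constructed sample aggregate: every entityID, URL and address is a placeholder.
SAMPLE = """<md:EntitiesDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
 <md:EntityDescriptor entityID="https://idp.example.org/idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
   <md:Extensions>
    <mdui:UIInfo>
     <mdui:DisplayName xml:lang="en">Example University</mdui:DisplayName>
     <mdui:Description xml:lang="en">Staff and student login</mdui:Description>
     <mdui:Keywords xml:lang="en">example university</mdui:Keywords>
     <mdui:Logo height="60" width="80">https://idp.example.org/logo.png</mdui:Logo>
     <mdui:InformationURL xml:lang="en">https://idp.example.org/about</mdui:InformationURL>
     <mdui:PrivacyStatementURL xml:lang="en">https://idp.example.org/privacy</mdui:PrivacyStatementURL>
    </mdui:UIInfo>
    <mdui:DiscoHints>
     <mdui:IPHint>192.0.2.0/24</mdui:IPHint>
     <mdui:DomainHint>example.org</mdui:DomainHint>
     <mdui:GeolocationHint>geo:55.95,-3.19</mdui:GeolocationHint>
    </mdui:DiscoHints>
   </md:Extensions></md:IDPSSODescriptor></md:EntityDescriptor>
 <md:EntityDescriptor entityID="https://sp.example.com/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
   <md:Extensions>
    <mdui:UIInfo>
     <mdui:DisplayName xml:lang="en">Example Journal</mdui:DisplayName>
     <mdui:Logo>http://sp.example.com/logo.png</mdui:Logo>
    </mdui:UIInfo>
   </md:Extensions></md:SPSSODescriptor></md:EntityDescriptor>
 <md:EntityDescriptor entityID="https://idp.example.net/idp">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
   <md:Extensions><mdui:DiscoHints><mdui:IPHint>198.51.100.0/33</mdui:IPHint></mdui:DiscoHints></md:Extensions>
  </md:IDPSSODescriptor></md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def audit_role(role):
    """Return a list of findings for one IDPSSODescriptor or SPSSODescriptor."""
    findings = []
    ui = role.find("md:Extensions/mdui:UIInfo", NS)
    for name in USER_INFO:
        if ui is None or ui.find(f"mdui:{name}", NS) is None:
            findings.append(f"missing {name}")
    for logo in role.findall("md:Extensions/mdui:UIInfo/mdui:Logo", NS):
        url = (logo.text or "").strip()
        # Assumed policy: https or inline data: logos only, so no mixed content.
        if not url.startswith(("https://", "data:")):
            findings.append(f"Logo not https: {url}")
        if not (logo.get("height", "").isdigit() and logo.get("width", "").isdigit()):
            findings.append("Logo lacks numeric height/width")
    for hint in role.findall("md:Extensions/mdui:DiscoHints/mdui:IPHint", NS):
        cidr = (hint.text or "").strip()
        try:
            ipaddress.ip_network(cidr)  # rejects bad prefixes and set host bits
        except ValueError:
            findings.append(f"bad IPHint: {cidr}")
    return findings


def audit(metadata_xml):
    """Map (entityID, role) to findings for every IdP and SP role in the metadata."""
    root = ET.fromstring(metadata_xml)
    report = {}
    for entity in root.iter(f"{{{NS['md']}}}EntityDescriptor"):
        for tag in ("IDPSSODescriptor", "SPSSODescriptor"):
            for role in entity.findall(f"md:{tag}", NS):
                report[(entity.get("entityID"), tag)] = audit_role(role)
    return report


if __name__ == "__main__":
    for key, findings in audit(SAMPLE).items():
        print(*key, findings or "ok")
```

An empty findings list means the role carries all six user-info elements; DomainHint and GeolocationHint values are not validated here.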
Take-aways From this talk “Discovery & Login” extensions really matter. Make recommendations about them. Start collecting them. Engage with entity operators To add the extensions. To exploit the extensions: There is software already shipping to do this. Not just Shibboleth. ... And don’t forget your own discovery service.
Federation Discovery Service Based on UK experience: Try to downplay it within your organization. You don’t show off your toilets to your house guests: It’s just something you have to have. Think about the continuing story. Add SP co-branding. Add IdP branding. Remove your own branding. Remember to consider accessibility. Start thinking about cross federation discovery.
Questions Rod Widdowson rdw@steadingsoftware.com
Discovery isn’t About scale. About the operators’ branding. About accounting. About a central service. Confined to your domain.
Discovery is Never perfectly addressed. Going to get harder. About the first user. About a seamless experience. About commonality of experience. Everyone’s job.
Discovery isn’t about scale Actually it might be.  But not yet
Discovery isn’t About accounting  No matter how tempting it might be to assume it, not every transaction goes via the DS. About a single central service Well it is, but we would like it not to be. And we are going to have to move away from that.
Discovery isn’t confined to your domain
Discovery is Never perfectly addressed We can just make it less bad via a series of approximations. About the first user The first ever user The first user at this site Consistency Between discovery pages at different sites. Give the feeling of an ongoing story.
Discovery isn’t about the operator’s branding It just confuses the first time user
Suggestions for Operators: SPs Work with your SP to deploy their own discovery solutions Shibboleth SP SPs using the Shibboleth CDS Other types of SP which use the Shibboleth EDS SimpleSAMLphp Get SP operators to contribute discovery & login information.
Suggestions for Operators: IdPs Work with your IdPs to add SP co-branding on the login page Shibboleth: Always been feasible Default page in 2.3 Other IdPs Get IdP operators to contribute discovery & login information.
