[kepler-dev] Kepler + authentication

Matt Jones jones at nceas.ucsb.edu
Tue Sep 9 07:12:10 PDT 2008


Hi Michel,

We've done some work on trying to manage a common authentication system for
Kepler.  There is an AuthenticationManager that provides authentication,
certificate management, and session management on behalf of the user.  By
using the API that we provide, the AuthenticationManager can store and
authenticate using several different mechanisms that are encapsulated as
AuthenticationService classes, including on service that handles the
generation and use of proxy certificates.  When a client like an actor makes
a call to the AuthenticationManager, a UI can be displayed to ask the user
to provide credentials specific to the domain being handled. The API for the
AuthenticationManager and AuthenticationService is described here:

http://www.kepler-project.org/Wiki.jsp?page=KeplerAuthenticationFramework#section-KeplerAuthenticationFramework-API

When the API is used, a specific AuthenticationService class is instantiated
based on the domain of the service request.  The set of service classes is
determined at run time from a properties file (also described above), so new
AuthenticationService types can be added as needed.

Regards,
Matt

On Tue, Sep 9, 2008 at 2:27 AM, Michal Owsiak <michalo at man.poznan.pl> wrote:

> Hello all,
>
> I have following question. How can I introduce authentication mechanism
> into Kepler (if it is possible at all). I can see that Kepler provides some
> sort of authentication for Ecogrid (Tools -> Ecogrid Authentication).
>
> Is it possible to automatically add different type of authentication?
>
> What I want to achieve is to have a single point authentication for the
> work-flow. I want to generate grid-proxy basing on proxy, key and password.
> I'd like to provide Kepler with these information in a "login dialog" way.
> Then, I'd like to have an access to this data through the parameters. Is it
> possible to achieve?
>
> Another question is. Is it possible to present user with dialog (during
> work-flow execution) that will allow to enter password? This means that text
> field must hash entered text (preferably with "*").
>
> Thanks in advance for the answer
>
> Cheers
>
> Michal
>
> --
> Michal Owsiak <michalo at man.poznan.pl>
> Poznan Supercomputing and Networking Center
> ul. Noskowskiego 10, 61-704 Poznan, POLAND
> http://www.man.poznan.pl
> _______________________________________________
> Kepler-dev mailing list
> Kepler-dev at ecoinformatics.org
> http://mercury.nceas.ucsb.edu/ecoinformatics/mailman/listinfo/kepler-dev
>



-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Matthew B. Jones
Director of Informatics Research and Development
National Center for Ecological Analysis and Synthesis (NCEAS)
UC Santa Barbara
jones at nceas.ucsb.edu Ph: 1-907-523-1960
http://www.nceas.ucsb.edu/ecoinfo
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mercury.nceas.ucsb.edu/ecoinformatics/pipermail/kepler-dev/attachments/20080909/ef29346d/attachment.html>


More information about the Kepler-dev mailing list