GridCertLib: A Single Sign-on Solution for Grid Web Applications and Portals

Authors:
Riccardo Murri;Peter Z. Kunszt;Sergio Maffioletti;Valery Tschopp
Affiliations:
Grid Computing Competence Centre, Organisch-Chemisches Institut, University of Zürich, Zürich, Switzerland 8057;SystemsX, ETH Zürich, Zürich, Switzerland 8092;Grid Computing Competence Centre, Organisch-Chemisches Institut, University of Zürich, Zürich, Switzerland 8057;SWITCH, Zürich, Switzerland 8004
Venue:
Journal of Grid Computing
Year:
2011

Citing 7
Cited 4

General atomic and molecular electronic structure system

Journal of Computational Chemistry
An Online Credential Repository for the Grid: MyProxy

HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
A Community Authorization Service for Group Collaboration

POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A Credential Renewal Service for Long-Running Jobs

GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
From gridmap-file to VOMS: managing authorization in a Grid environment

Future Generation Computer Systems - Special issue: High-speed networks and services for data-intensive grids: The DataTAG project
P-GRADE Portal: A generic workflow system to support user communities

Future Generation Computer Systems
P-GRADE portal family for grid infrastructures

Concurrency and Computation: Practice & Experience

The Charité Grid Portal: User-friendly and Secure Access to Grid-based Resources and Services

Journal of Grid Computing
A Single Sign-On Infrastructure for Science Gateways on a Use Case for Structural Bioinformatics

Journal of Grid Computing
Easy Development and Integration of Science Gateways with Vine Toolkit

Journal of Grid Computing
Nephele: Scalable Access Control for Federated File Services

Journal of Grid Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper describes the design and implementation of GridCertLib, a Java library leveraging a Shibboleth-based authentication infrastructure and the SLCS online certificate signing service, to provide short-lived X.509 certificates and Grid proxies. The main use case envisioned for GridCertLib, is to provide seamless and secure access to Grid X.509 certificates and proxies in web applications and portals: when a user logs in to the portal using SAML-based Shibboleth authentication, GridCertLib uses the SAML assertion to obtain a Grid X.509 certificate from the SLCS service and generate a VOMS proxy from it. We give an overview of the architecture of GridCertLib and briefly describe its programming model. Its application to some deployment scenarios is outlined, as well as a report on practical experience integrating GridCertLib into portals for Bioinformatics and Computational Chemistry applications, based on the popular P-GRADE and Django softwares.