Tuesday, 2022/02/22
10:00 am ET
Terrell Russell, Alan King, Kory Draughn, Dave Fellinger, Mike Conway (NIEHS), Martin Golasowski (IT4I), Claudio Cacciari (SURFsara), John Constable (Sanger)
DISCUSSION
- Incorporating AWG framework into main branch (for 4.3.0)
- Progress is being tracked here: irods/irods#5479
- clientLogin now sniffs for versions >=4.3.0 and uses the new plugin framework
- dynamically loads the plugins based on the client environment (i.e. all iCommands use this)
- Native authentication plugin from original AWG effort integrated into main branch
- Working to implement PAM and Kerberos for 4.3.0
- Initial effort will port legacy PAM plugin included with iRODS server
- Considering not implementing osauth or GSI
- PAM stack with multiple challenges is the main use case
- To emulate/copy functionality in the SURF PoC
- https://github.com/stefan-wolfsheimer/irods_auth_plugin_pam_interactive
- PAM token length consideration - OIDC token too long for iRODS password field
- solved/workaround is to hash the token on the client slide plugin
- still allows it to be compared
- solved/workaround is to hash the token on the client slide plugin
- Next Meeting
- March 2022