Skip to content

Latest commit

 

History

History
40 lines (31 loc) · 1.33 KB

20220823-minutes.md

File metadata and controls

40 lines (31 loc) · 1.33 KB

Authentication Working Group Minutes

Tuesday, 2022/08/23

10:00 am ET

Attendees:

Terrell Russell, Dave Fellinger, Kory Draughn, Alan King, Harry Kodden (SURF), Claudio Cacciari (SURF), Martin Golasowski (IT4I)

Minutes

SUMMARY:

DISCUSSION

  • Harry update, SURF
    • SRAM handles team member enrollment / group management
      • and authentication
      • Stores public keys for each user
      • and .irods/irods_environment.json
      • Including pam_interactive as auth scheme
    • Containerized setup
    • Policy document describing how sync.py behaves
      • For creation AND for deletion of iRODS accounts
        • Ownership of any leftover data (reverts to admins, etc.)
  • iRODS may eventually choose one of these user/group management solutions
  • https://github.com/HarryKodden/irods-ldap-sync
    • Handles all groups from SRAM to iRODS
    • But not iRODS to SRAM, so should be turned off / controlled
  • Python PAM bridge...
    • Prototype in python... Is it safe enough to use in production?
    • Then ported to C for production use
  • Next steps
    • Once access token expires... Refresh token work, perhaps seamlessly
  • Next Meeting
    • Sept 2022