JGridstart/Confusa

From PDP/Grid Wiki
Jump to navigationJump to search

To avoid manual passport checks during identity vetting, Terena has introduced the Confusa online certificate service. In this way, users can login at their home institution and retrieve a grid certificate in minutes. This is a form of [JGridstart/Authentication#Online_certificate_authority online identity vetting].

jGridstart does not yet support this, but this is on the planning. There have been some problems though as how to work with this to obtain a smooth user-experience.

OAuth

Confusa has implemented OAuth 1.0a so for external applications to retrieve a certificate. The user logs into Confusa, and from there jGridstart can be started with an OAuth access token. Still the user needs to confirm that jGridstart is allowed to retrieve the certificate from the Confusa website, which requires web browser interaction. This is bad for user-experience.

Links