[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gridshib-dev] GridShib for GT v0.6.0 Technology Preview 3

To: "GridShib Developers" <gridshib-dev@xxxxxxxxxx>
Subject: [gridshib-dev] GridShib for GT v0.6.0 Technology Preview 3
From: "Tom Scavo" <trscavo@xxxxxxxxx>
Date: Mon, 25 Jun 2007 19:51:54 -0400
Delivered-to: glbs-gridshib-dev-sendit@mailbouncer.mcs.anl.gov
Delivered-to: glbs-gridshib-dev@mailbouncer.mcs.anl.gov
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=czmX3B7rr30rnRwXMCJYJxbTOqvCIp28O/4kUaJ+lmyRWRh/aWrfmHpi/9cJMi3v5pieOuOhDAXDD7XclSfAzMPIXTXvvJqpzWKpx7GqPnZvcJdPn2aqbRo4Fb7dMDL3PDsQe9phJYppzoEZK7vZyRjfedxAXlQ3JMC+24V2lIc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=pZVAthVLTmo+G9ZJ/4SVD0yit6XyeRT2DXc6DMqiJ8E4Ya7n1ehGIrAH2RdToqBWm8bdxut6nt5cPqUJ+Ud73/6e6GsmDCedd/8x9XHpnEWAEbWNYfDtSICwckbzBWz6miLqhwS7TuV71PopRnjm/rd8dAKloomt3nGh9hpGFMo=
Sender: owner-gridshib-dev@xxxxxxxxxx

The third Technology Preview (TP3) of GridShib for GT v0.6.0 is
available for evaluation and testing.

Download
http://gridshib.globus.org/downloads/gridshib-gt-0_6_0-tp3-src.tar.gz
http://gridshib.globus.org/downloads/gridshib-gt-0_6_0-tp3-src.zip

The distribution files contain a Quick Start guide, which is also
available online:

Quick Start
http://gridshib.globus.org/docs/gridshib-gt-0.6.0-tp3/quick-start.html

Technology Preview 3 of GridShib for GT v0.6.0 introduces some
significant new features:

- A single comprehensive PDP, the GridShibPDP
- Implementation of a new Attribute Aggregation Algorithm (push + pull)
- Dual support for both GT4.0 and GT4.1+
- Improved logging

This is in addition to features already introduced in previous
versions of GridShib for GT:

- Support for both Attribute Push (NEW) and Attribute Pull
- Blacklisting of IP addresses (NEW)
- Attribute Mapping
- Attribute-based Authorization Policy

Version 0.6.0 is a complete redesign of previous versions of GS4GT,
which continues to evolve:

http://dev.globus.org/wiki/GridShib_for_GT_Design

The most significant new feature in TP3 is its ability to combine
attributes from both pushed and pulled SAML assertions.  A new IdP
Discovery algorithm based on pushed SAML makes it possible to query
multiple Attribute Authorities.

Like earlier versions of GridShib for GT, TP3 consumes pushed SAML
assertions bound to X.509 certificates.  (The GridShib CA v0.4.0 and
the GridShib SAML Tools v0.1.4 are both compatible with GS4GTv0.6.0.)
The details of this X.509 binding and the processing steps associated
with attribute push are discussed in this wiki article:

http://dev.globus.org/wiki/SAML_in_X.509_Validation

Documentation is still lacking, so please post your questions re this
Technology Preview release here in the gridshib-dev mailing list.  We
look forward to your feedback.

Tom Scavo
Tim Freeman
for the GridShib Team

Prev by Date: Re: [gridshib-dev] populating Issuer Alt Name with SAML entityID
Next by Date: [gridshib-dev] Configuring GS4GT for attribute pull
Previous by thread: Re: [gridshib-dev] When should an interceptor fail?
Next by thread: [gridshib-dev] Configuring GS4GT for attribute pull
Index(es):
- Date
- Thread