October 20th, Vienna

DiscoJuiceIdentity Federations

DiscoJuice

✤ Improved User Interface for IdP Discovery.

✤ Written in javascript.

✤ Has a bunch of APIs to be flexible in various architectures and deployments.

✤ Can be embedded or stand-alone, and central or de-centralized; or a combined mix.

DiscoJuice

✤ First take; somewhat complex to deal with all the deployment options.

✤ Second take will then be to offer a centrally hosted DiscoJuice, embedded on service.

Additional new features

✤ Can obtain metadata from multiple feeds in parallel

✤ Can support caching of metadata feeds

✤ Wait for all feeds to complete before showing list, to avoid flickering.

Flattening cross-federations

✤ Hub and spoke federations a challenge to Discovery

✤ DiscoJuice attempts to flatten the user experience, and include all nested institutions in the user interface. No more multi-page discovery.

✤

Features of hosted DiscoJuice

✤ Cross-service Memory

✤ Cached metadata and JS across services

✤ Prepared metadata feed from popular federations

✤ Implementations of APIs to lookup geo-locations etc.

✤ Parsing and conversion of SAML 2.0 metadata to JSON

Challenges of centrallized DJ

✤ Needs to be very reliable - not more than todays centrallized discovery services though.

✤ Investigate in CDN technology

✤ Who should host it? GÉANT, UNINETT or ?

✤

DiscoJuice.org

✤ Prepared, minified versions offered with gzip.

✤ Different versions available. Automatic upgrades possible!

✤ Parsing and conversion of SAML 2.0 metadata to JSON

✤ Prepared JSON metadata from a bunch of federations

✤ Resizing and caching all MDUI logos.

✤ Implementation of ip to geo-location API

discojuice.org

Simple install

✤ To install, copy and paste:<!-- JQuery hosted by Google --><script src="//ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js" type="text/javascript"></script>

<!-- DiscoJuice hosted by UNINETT at discojuice.org --><script type="text/javascript" src="https://engine.discojuice.org/discojuice-stable.min.js"></script><link rel="stylesheet" type="text/css" href="https://static.discojuice.org/css/discojuice.css" /><script type="text/javascript"> DiscoJuice.Hosted.setup( "a.signon", "Example Showcase service", "https://service.org/saml2/entityid", "http://service.org/response.html", ["edugain", "kalmar", "feide"], "http://service.org/login?idp=" );</script>

✤ Edit the red options for your deployment.

DiscoJuice & eduGAIN

✤ Demo URL: http://bridge.uninett.no/edugain.html

✤ Metadata feed for eduGAIN metadata.

✤ Geo location APIs

✤

Discovery Architecture

✤ Who should aid Service Providers in improving the discovery experience?

✤ Discovery Service in eduGAIN?

✤ How to customize the feed of relevant Identity Providers for a SP?