Using Keycloak for Gateway Authentication and Authorization

Thumbnail Image

Files

Christie_Marcus_Keycloak_Gateways_2017.pdf (328.22 KB)
Can’t use the file because of accessibility barriers? Contact us with the title of the item, permanent link, and specifics of your accommodation need.

Date

2017-10-09

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Permanent Link

https://hdl.handle.net/2022/21981

Abstract

Establishing users’ identities before they access research infrastructure resources is a key feature of science gateways. With many science gateways now relying on general purpose gateway platform services, the challenges of managing identity-derived features have expanded to include authorization between science gateway tenants, middleware, and third party identity provider services. The latter include campus identity management systems. This paper examines the use of Keycloak as an implementation of an identity management system for Apache Airavata middleware, replacing our previous WSO2 Identity Server-based implementation. This effort raises larger issues that software-as-a-service communities should consider when embedding dependencies on third party software and services, including developing selection criteria and future-proofing systems.

Description

Keywords

science gateway; authentication

Citation

Christie, M., Bhandar, A., Nakandala, S., Marru, S., Abeysinghe, E., Pamidighantam, S., & Pierce, M. (2020). Managing authentication and authorization in distributed science gateway middleware. Future Generation Computer Systems. 111. 780-785. https://doi.org/10.1016/j.future.2019.07.018

Journal

DOI

https://doi.org/10.6084/m9.figshare.5483557.v1

Link(s) to data and video for this item

https://figshare.com/articles/Using_Keycloak_for_Gateway_Authentication_and_Authorization/5483557
https://doi.org/10.1016/j.future.2019.07.018

Relation

Rights

https://creativecommons.org/licenses/by-nd/4.0/

Type

Preprint

Collections

Peer-reviewed Publications