Mar 25 – 29, 2019
SDSC Auditorium
America/Los_Angeles timezone

BNL activities on federated access and Single Sign-On

Mar 26, 2019, 2:50 PM
E-B 212 (SDSC Auditorium)

E-B 212

SDSC Auditorium

10100 Hopkins Drive La Jolla, CA 92093-0505
Networking & Security Networking & Security


Tejas Rao (Brookhaven National Laboratory)


Various High energy and nuclear physics experiments already benefit from using the different components of Federated architecture to access storage and infrastructure services. BNL moved to Identity management (Redhat IPA) in late 2018 which will serve as the foundation to move to Federated authentication and authorization. IPA provides central authentication via Kerberos or LDAP, simplifies administration,
has a rich CLI and a web based user interface. This presentation describes how federated authn/authz will be enabled in the near future at the level of individual applications like Globus online, Invenio, BNLbox, Indico, Web services and Jupyter.

Primary author

Tejas Rao (Brookhaven National Laboratory)

Presentation materials