Speaker
Description
With more applications and services deployed in BNL SDCC that rely on authentication services, adoption of Multi-factor Authentication (MFA) became inevitable. While web applications can be protected by Keycloak (a open source Single sign-on solution directed by Red Hat) with its MFA feature, other service components within the facility rely on FreeIPA (an open source identity management software directed by Red Hat) for MFA authentication. While this satisfies cyber security requirements, it creates a situation where users need to manage multiple tokens and differentiation of them depends upon what they access. Not only this is a major irritation for users, it also adds a burden for staff members who manage user tokens. To tackle the challenges, a solution needs to be found to provide a unified way for token management. In the paper, we elaborate a solution that was explored and implemented at the SDCC, and also plan to extend it's capabilities and flexibility's for future application integration's.
