Second Token-based AuthN/Z Hackathon

16 Sept 2020, 15:00 → 18 Sept 2020, 18:00 Europe/Zurich

Topics:

• WLCG JWT profile compliance
• Audience restrictions and token exchange
• Group-based authorization
• Local user mapping

Zoom room (kindly provided by STFC)

Github Repo

Shared Google doc (for feeback/notes/shared info)

Wednesday, 16 September

15:00 → 18:00 Day 1

Development targets (depending on participation):
- Update smoke test scripts to use JWT - get JWT email.
- Group-based authorization.
- JWT profile compliance test suite.
- Test compatibility with the CILogon token issuer.
- Configure additional endpoints for JWT.
- GFAL support for bearer token discovery.
- Rucio transfers.

15:00 Introduction

Speaker: Andrea Ceccanti (Universita e INFN, Bologna (IT))

second-token-based-hackathon.pdf

Thursday, 17 September

15:00 → 18:00 Day 2

Discussions on local user mapping.
Discussion on tokens in XRootD.

15:00 Inroduction

Recap on progress and plans for the day

Speaker: Andrea Ceccanti (Universita e INFN, Bologna (IT))

Friday, 18 September

15:00 → 18:00 Day 3

Follow-up from prior days
Simplifying the LHC VOs enrollment flows
Transitioning IAM in production for LHC VOs

15:00 Introduction

Recap on progress and plans for the day

Speaker: Andrea Ceccanti (Universita e INFN, Bologna (IT))