Fermilab Computing Division

CS Document 2440-v1

Authorization Interoperability Meeting on Sep 18, 2007 - Minutes

Document #:
Document type:
Submitted by:
Gabriele Garzoglio
Updated by:
Gabriele Garzoglio
Document Created:
21 Sep 2007, 11:15
Contents Revised:
21 Sep 2007, 11:15
Metadata Revised:
21 Sep 2007, 11:15
Viewable by:
  • Public document
Modifiable by:

Quick Links:
Latest Version

-- Back to the premises: why do we work with Globus for an XACML implementation
instead of using OpenSAML ?
1) OpenSAML v1 is not developed anymore; support has been dropped
2) today, OpenSAML v2 only provides an alpha implementation
3) there are no published milestones defined by the OpenSAML v2 development
4) Java bindings in OpenSAML v2 still needs a lot of work. Cannot depend on them
for the GT releases.
5) Globus is committed to working with our group to address our requirement with
the right priority.
Globus will reevaluate OpenSAML v2 once the library is stable.

-- Not all the constants in the XACML specs are implemented in the aplha version
of the Globus library. Some constants may not be implemented according to the
Yuri and CNAF should provide a list of what constants are relevant for their use
cases, in order to enable prioritization.
Globus is committed to fixing potential deviations from the specs and to
implementing the required constants in the beta version.

-- The group is converging on the list of obligations that will be understood by
our middleware (Username, UIDandGID, etc.). The draft of the official document
should be ready early in October. Once ready, Globus will introduce regression
tests based on them.

-- No time to delve into the details of the requirements for the beta version

-- We will meet on Oct 10 at 10 am CDT

Files in Document:
Associated with Events:
Authorization Interoperability held on 18 Sep 2007
DocDB Home ]  [ Search ] [ Authors ] [ Events ] [ Topics ]

DocDB Version 8.8.9, contact Document Database Administrators