InCommon Pilot Call
November 21, 2013
PARTICIPANTS: Steve Olshansky (Internet2), Shel Waggener) Al Brunckow and Rod Richards (South East Community College) Brian Peterson (UEN) Mike Danahy (Educational Service Unit Coordinating Council - NE), David Dennis (Merit)
TASKS:
*
MEETING NOTES: (Call Recorded)
1) Roll Call, Agenda Bash, Approve Minutes, Intellectual Property Rights Policy Reminder
http://www.internet2.edu/membership/ip.html
2) *Brief* updates from each of the 8 pilots
a) IllniCloud - We have been progress on setting up our federated K12 service, we are currently involved in a working-session with both Unicon and Aegis (on-site) and have stubbed in both a central Idp with a basic profile repository and a central portal we refer to as the "application launcher" with an SP configured. In addition, since "identity week" we have established a working relation with itrust.illinois.edu (University of Illinois federation over all 3 campuses) to leverage their federation registry service (and others). Through this, we have established IlliniCloud as a federation organization and registered our central Idp (stub) and SP. Our application partners are currently working to leverage the presentation service and the central identity service for the K12 district clients.
b) Nebraska – They are targeting the 1st of December to have Shibboleth up and running. Department of Education has identified the EdFI project and authentication for data warehouse. Scott is putting together an identity initiative. They will be working with Gluu in getting the shibboleth server running. The Identity management working group met again last week, and will meet again in January. 5 IdP installations are in planning or in progress at Educational Service Units. A very early draft of operating practices for our working group was circulated for review and comment. We're following the University of Nebraska's project to federate across 4 campuses, central administration and with InCommon. They are glad to have Greg Gray from the University system participating in our working group so that our projects stay cross-informed and we may benefit from that work. They plan to evaluate the SAML IdP Proxy project due to the number of Educational Service Units and constituent school districts which will likely participate in the federation long-term.
c) We're wrestling with the question of how to advise and serve school districts who have no directory system of any kind in their districts or ESUs, but may rely solely on their Google Apps domain. One of these has come up in the group of pilot districts for the Nebraska Department of Education's upcoming data dashboard pilot. That leads us to consider ways to provision Google as an SP and whether the social-to-SAML gateway would be appropriate.
d) Merit – Not much progress over the past two weeks. There are institutional priorities that require the pilot in line
e) UEN – set up service directory for internal users and has shibboleth is set up. They also set up a demo service provider and the functionality is working. A developer is getting the service portal underway. Next steps are figuring how to pull in the two districts in the south and how to get the IdP integrated into the active director. They were considering having a central IdP, there is already a central data base, when one of the school district gets set up and mapped they will shift slowly to a separate service directory. Once the portal l is set up as a service provider, they then need to consider the meta data and if they will be using InCommon. UEN has developers looking at the login module for our Portal. They want to have the portal use Shibboleth for its authentication. However early on with the portal they hijacked the login and made it possible for self registration that seems to be at odds with the federated ID approach. UEN is using the Liferay portal version 5.1.6. Interested if anyone else has dealt with Shibboleth and Liferay as well as a self registration within a federation.
a) Development IdP running and using Active Directory as its information source. Tested with a Service provider that test the IdP authentication.
2) STATUS: *Important* Case studies, lessons learned, etc.
a) Please contact SteveO if you need to get set up in the Wiki
3) InCommon/Quilt Meeting in February will be held on the 6th & 7th
a) Desired outcomes
i) Meeting with peers
ii) Please feel free to discuss on the mailing list
iii) Currently there isn’t a pilot that is in production – MCNC will be sharing a document about their experiences in setting up their pilot.
iv) IlliniCloud has hired 2 consultants and are moving towards launching pilot program
v) Identity week was successful.
(1) Content distribution with Smithsonian and are currently working with UEN and the University of Utah
4) Action item recap, next call Thursday 5-December at 4:00 PM EST
END OF CALL