GARR, within this reasearch activity within the Géant Project, is doing research activity to use Grouper as an authorization tool for multiple Virtual Organizations.
The general idea of this research is to extend federated identities from the management of user authentication to include also authorization.
To support these activities, Grouper has been embraced as a central solution for managing user groups and attributes. Grouper has been used to manage in a centralized way (yet eventually permitting delegation):
This experience, in particular, proved the general scenario for federated authentication and has aimed at integrating three applications into Grouper by externalizing their authorization policy representation:
See presentation from 2014 Technology Exchange.
See a short abstract about the research activities realized.
The PoC is available, only to authorized users, here: