Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Goals

  • Advance the integration of the components of the LSST Science Platform

...

TimeItemWhoNotes
Demonstration of SSO on lsst-lsp-int.ncsa.illinois.edu Portal

Demonstrated:

  • Transparent intercept of attempts to access the Portal Aspect, redirecting the user to the CILogon federated-identity login screen, thence to an institutional login screen (NCSA 2FA and Stanford 2FA were shown), and thence to the actual application. (It was not demonstrated, but also works, to start with the Notebook Aspect.)
  • Ability to access the Notebook Aspect (from the same browser) with no further login required. (This relies on the token already retained by the browser.)
  • Browser-level access to a WebDAV service exposing the NCSA GPFS /datasets directory tree, again with no further login required. Full user impersonation is apparently implemented in the server, but this was not explicitly demonstrated (e.g., by attempting to access a file with owner-only access).
  • Access through Firefly to a FITS file in the workspace

Discussion:

  • Roll-out plans for lsst-lsp-stable
    • T
  • TAP service authorization

Questions:

  • What happens when someone uses valid credentials for an external identity that is not associated with an LSST/NCSA account?
  • How will we use 3rd-party WebDAV clients? TOPCAT?

Portal deployment configuration (brief update) 

AOB

Action items

  •