JIRA Issue

[#XCI-36] Enable L3 resource logins via XSEDE using login allocations

[XCI-36] Enable L3 resource logins via XSEDE using login allocations Created: 01/23/2017  Updated: 04/27/2020  Resolved: 12/17/2019

Status: Closed
Project: XSEDE Cyberinfrastructure Integration
Component/s: AMIE, Information Services, Resource Description Repository (RDR), XSEDE Publish/Subscribe Service (RabbitMQ), XSEDE Resource Allocation Service (XRAS), XSEDE SSO hub (login.xsede.org)
Fix Version/s: PY6 Increment B (Jan - Apr '17), PY7 (Sep '17 - Aug '18), PY8 (Sep '18 - Aug '19), PY9 (Sep '19 - Aug '20)

Type: XCI New Capability Priority: Critical
Reporter: Jim Basney Assignee: JP Navarro
Resolution: Done Votes: 0

Attachments: File signature.asc    
Issue Links:
has review REVIEW-45 XCI-36 Enable L3 resource logins via ... Closed
XCI Deliverable
is deliverable of XCI-33 CDP for CB-08: Use XSEDE SSO with cam... Closed
XCI-161 Document GSISSH setup for XCI-36 Sub-task Closed Derek Simmel  
XCI-162 Help colorado.edu set up AMIE/RabbitM... Sub-task Closed Rob Light  
XCI-163 Set up new login allocations for XCI-... Sub-task Closed Amy M. Schuele  
XCI-164 Document the process for campus IT ad... Sub-task Closed JP Navarro  
XCI-165 Provide documentation for campus IT a... Sub-task Cancelled Amy M. Schuele  
XCI-166 XCI-36 Test Plan Sub-task Cancelled Jim Basney  
XCI-167 XCI-36 Deployment Doc Sub-task Closed JP Navarro  
XCI-168 Finalize needed steps for a resource ... Sub-task In Progress JP Navarro  
XCI-234 Working with Jonathon Anderson on Col... Sub-task Closed Rob Light  
XCI-537 Improve RabbitMQ AMIE documentation Sub-task Closed Rob Light  
XCI-686 Identify new tester site to go thru d... Sub-task Cancelled JP Navarro  
Target Operator:
Campus Resource Operators, XSEDE Enterprise Services
XSEDE Priority: -
Use Case Priority: High
Public activity link: https://software.xsede.org/display/xci-36
Devel Repository:
Use Cases:
CB-08: Use a community login service with campus login servers
Effort and Costs:
Staff Name (Lastname, Firstname) Effort (person weeks) Roles or Contributions Status
Basney, Jim 1 launch activity, write design doc & test plan design doc v1.1
Light, Rob 2 explore/pilot a streamlined process for SPs without a full blown AMIE deployment, either using RabbitMQ or XCDB API done
Soriano, Ester 0.2 Establish a process for creating, via XRAS, an XSEDE Project, with the PI / Allocation Managers being the appropriate campus IT administrators and an allocation on the single campus login server resource. done
Simmel, Derek 0.5 Enhance the SSO Hub to recognize researchers on L3 Resource Login Allocations as "allocated users" so it automatically creates their SSO Hub accounts none
Simmel, Derek 0.5 Enhance the SSO Hub to display and facilitate login to a dynamically configured set of login servers based on SP self registration via RDR and IPF XCI-168
Fleury, Terry 0.2 Confirm that XSEDE MyProxy recognizes researchers on L3 Resource Login Allocations as "allocated users" so it issues certificates for them. none
Navarro, JP 0.2 Document the process for campus IT administrators to register their campus login servers as an L3 Resource using RDR and IPF. XCI-164
Simmel, Derek 0.2 Provide documentation for campus IT administrators on setting up GSISSH on an L3 Login Resource XCI-161
Light, Rob 0.2 Provide documentation for campus IT administrators on setting up AMIE at the SP and responding to required AMIE packets done
Soriano, Ester 0.2 Provide documentation for campus IT administrators on inviting researchers to create XSEDE portal accounts and adding them to the L3 Resource Login Allocation XCI-165
Smallen, Shava 2 end-to-end testing none
Activity Deliverable Detail Status
2017-03-15   Software Documentation (or D-SD) Design documentation v1.1 updated to address design review comments
2017-04-24   Implemented Capability (or D-SW)   none
2017-04-24   Software Documentation (or D-SD) Deployment documentation none
2017-04-24   Software Documentation (or D-SD) Test plan draft
2017-04-24   Documentation (or D-UD) Documentation amie_rabbitmq_implementation_sso.docx
2017-04-24   Engineering Data (or D-ED) TRR Baseline (Shava) none
2017-06-01   Engineering Data (or D-ED) Deployment Baseline (Shava) none
2017-06-01   Engineering Data (or D-ED) Test Report (Shava) none
Planned Launch Date:
Actual Launch Date:
Planned Design Review Date:
Actual Design Review Date:
Planned Test Readiness Review Date:
Actual Test Readiness Review Date:
Planned Complete Date:
Actual Complete Date:
Activity Lead: Jim Basney
Lead Tester: Shava Smallen
Design Document: https://software.xsede.org/svn/xci/activities/xci-036/trunk/Deliverables/L3Logins-Design.pdf
Test Plan: https://docs.google.com/document/d/1TP_LhlNoDkjI7Cbd3EHL9IGl-dNYlNfxFJHMpI9bWgo


CB-8: A campus IT administrator allows XSEDE-registered researchers to log in to campus login servers (remote command shell) using their XSEDE usernames/passwords. http://hdl.handle.net/2142/94821

The capability delivery plan for CB-8 (XCI-33) identifies the following functionality gap:

CB-8 specifies that the "solution should not require the campus services to participate in XSEDE allocation processes." However, XSEDE SSO depends heavily on artifacts of the XSEDE allocation process, namely, users associated with active allocations in XCDB with AMIE packets notifying SPs of account/allocation mappings. To close this gap, we implement a new allocation type, called an L3 Resource Login Allocation, that can be easily created and managed by the campus IT administrator, without needing to follow the usual XSEDE allocation processes.


There are comments for XCI-36 that can be viewed with XSEDE authentication.