| Issue |
EPJ Web of Conf.
Volume 295, 2024
26th International Conference on Computing in High Energy and Nuclear Physics (CHEP 2023)
|
|
|---|---|---|
| Article Number | 04038 | |
| Number of page(s) | 6 | |
| Section | Distributed Computing | |
| DOI | https://doi.org/10.1051/epjconf/202429504038 | |
| Published online | 06 May 2024 | |
https://doi.org/10.1051/epjconf/202429504038
Solutions for non-web OAuth 2.0 authorisation at CERN
CERN
* e-mail: asier@aguado.email
** e-mail: hannah.short@cern.ch
*** e-mail: sebastian.lopienski@cern.ch
Published online: 6 May 2024
The need for Single Sign-On solutions in command line interfaces is not new to CERN. Different technologies have been introduced and internal solutions have been implemented to allow users to authenticate to remote servers or applications from their console interfaces. In the case of web services, the most common approach was to use cookie-based authentication, for which an internal tool was developed and made available for all the CERN user community. As the authorisation infrastructure evolved and started to fully support the OAuth 2.0 standard, as well as two-factor authentication (2FA), using the internal tool started to show its limitations. In this work, we present the past and present (OAuth-compliant) solutions, and compare them by looking at the advantages and disadvantages we have found. We also present a case study of a service, OpenShift, that implements this new authentication solution for their users.
© The Authors, published by EDP Sciences, 2024
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.