COmanage | HEXAA | Perun | |
---|---|---|---|
At a glance | |||
* *this is the new ui | |||
User Facing features | |||
user Onboarding | Configurable enrollment flows
|
| |
VO structure | (VO-s in COmanage are called COs)
|
| |
SP onboarding | manual, in JRA3-developed sql db (as of v1.0.5) | 1) Login with any eduGAIN idp 2) select sp entityID 3) token is sent by email to contact info from metadata. The owner of those addresses becomes manager of the SP | |
SP managers | -(as of v1.0.5 - might be added in next version) | managers can invite additional managers | |
SP permissions | ?. It seems that we are not planning such thing | SP managers can define permissions and grant them to VO-s | |
Subscription to SPs | ? manual for now | "subscription model" 1) VO manager applies for public SP+permission 2) SP manager accepts application "invite model" 1) contact and deal is made off-band 2) SP admin generates token for permission and sends via email/etc. 3) VO manager connects by the token | |
Profile | A big drawback in my (Mihaly) opinion of COmanage is that profile data (User SSH key, email, etc) is not fully separated from VO data, thus the VO admin is able to change these without the knowledge of the user. |
| |
Member notification | Mass notifications can be sent at COUs | A nice feature of HEXAA is that it is able to send a message to all VO or VO/Role members via email. | |
Technical features | |||
eduGAIN metadata integartion | - | all eduGAIN SP-s are automatically added to the system via cron+xsl script | |
API | API for a considerable number of functions but not for templates, and other advanced stuff | full API, the GUI itself uses the REST API | |
custom GUI | it should be possible to some extent, but no partial access |
| |
deprovisioning | plugins? | hooks, that call urls with json parameters at defined events, like user removal from group | |
Development model | "COmanage, a project funded by the NSF and Internet2", details TBA |
| |
Operation model | as an eduTEAM service
|
| |
Roadmap | 1.1.1 is upcoming, with several new features useful for us (TBA) |
|