The GridShib Project is pleased to announce the release of GridShib SAML Tools v0.2.0, which is available now from the GridShib Downloads page:
http://gridshib.globus.org/download.html#saml-tools
The GridShib SAML Tools, an easy-to-install, standalone software package requiring only java and ant, let you issue or request SAML assertions and optionally bind these assertions to X.509 proxy certificates. You can try an online demo of the GridShib SAML Tools before downloading:
https://computer.ncsa.uiuc.edu/gst-demo/
Version 0.2.0 of the GridShib SAML Tools includes the following new features:
- New command-line options and configuration parameters (IdP.entityID, authnInstant, dateTime.pattern)
- Support for multi-valued attributes
- Introducing the GridShib Security Framework
- Support for RFC3820-compliant proxy certificates
- Updated Globus SAML Library (source code included)
- Java API (gridshib-common-0_2_0.jar) for developers
See the CHANGES file for a complete list of enhancements and bug fixes:
For developers, there is a Java API (with javadoc documentation) and sample code illustrating the use of the Security Framework. GridShib SAML Tools supports both the production and the consumption of X.509-bound SAML assertions.
GridShib SAML Tools v0.2.0 is compatible with the forthcoming GridShib for GT v0.6.0.
Tom Scavo
for the GridShib Team
Entries in 'security'
GridShib SAML Tools v0.2.0 is available
GridShib SAML Tools v0.2.0 Technology Preview 2
Tom Scavo writes:
The GridShib Project is pleased to announce the immediate release of GridShib SAML Tools v0.2.0 Technology Preview 2, the first release of the GridShib SAML Tools specifically for developers.
http://gridshib.globus.org/downloads/gridshib-saml-tools-0_2_0-tp2-src.tar.gz
http://gridshib.globus.org/downloads/gridshib-saml-tools-0_2_0-tp2-src.ziphttp://gridshib.globus.org/docs/gridshib-saml-tools-0.2.0-tp2/readme.html
http://gridshib.globus.org/docs/gridshib-saml-tools-0.2.0-tp2/install.htmlTechnology Preview 2 includes the following new features:
- Support for multi-valued attributes
- Complete source code distribution, including the Globus SAML Library
- New GridShib Common Java API (gridshib-common-0_2_0.jar) includes:
- the GridShib Security Framework, a standalone implementation of the X.509 Binding for SAML Assertions
- the Loadable interface and its implementations
- the EntityMap interface and its implementations
- the GridShib Entity Mapper, a container for EntityMap implementations
- Extensive javadoc documentation
- New top-level build file for developers (available from CVS only)
This is the last TP-level release of v0.2.0. We anticipate the final version of GridShib SAML Tools v0.2.0 will be released Aug 24, 2007.
GridShib SAML Tools v0.2.0 TP1 and GridShib for GT v0.6.0 TP4
Tom Scavo writes of two new GridShib technology preview releases:
The GridShib Project is pleased to announce the simultaneous release of GridShib SAML Tools v0.2.0 Technology Preview 1 and GridShib for GT v0.6.0 Technology Preview 4. These two components work together to seamlessly integrate SAML into a Globus grid environment.
To evaluate this new software technology, please refer to this Quick Start:
http://gridshib.globus.org/docs/gridshib-gt-0.6.0-tp4/quick-start.html
The Quick Start guide gives detailed instructions for installing, configuring, and using Globus Java WS Core 4.0.5, GridShib for GT v0.6.0, and GridShib SAML Tools v0.2.0.
For more information and links, see http://www.globus.org/mail_archive/gridshib-dev/2007/07/msg00047.html
Technology Preview 3 of GridShib for GT v0.6.0
Tom Scavo writes on gridshib-dev:
Technology Preview 3 of GridShib for GT v0.6.0 introduces some significant new features:
- A single comprehensive PDP, the GridShibPDP
- Implementation of a new Attribute Aggregation Algorithm (push + pull)
- Dual support for both GT4.0 and GT4.1+
- Improved logging
This is in addition to features already introduced in previous versions of GridShib for GT:
- Support for both Attribute Push (NEW) and Attribute Pull
- Blacklisting of IP addresses (NEW)
- Attribute Mapping
- Attribute-based Authorization Policy
Read the whole announcement for more details!
MyProxy 3.9 is available
See the MyProxy 3.9 announcement for details.
Hyperjacking
The Blue Pill/Subvirt approach (I addressed it earlier) has a new name apparently: hyperjacking [google query].
GridShib CA v0.4.0 and GridShib SAML Tools v0.1.4
The GridShib project has simultaneously released new versions of the GridShib CA and the GridShib SAML tools.
You can find the latest code and documentation links (including links to demos) here:
http://gridshib.globus.org/download.html
And here are the changelogs:
A Scalable Approach To Deploying And Managing Appliances
Our paper about virtual appliance configuration and management was accepted to the TeraGrid 2007 conference and is now online: A Scalable Approach To Deploying And Managing Appliances.
This paper examines configuration and security issues that large and heterogeneous deployments of virtual appliances/workspaces will face.
From the introduction:
The goal of this paper is to develop a holistic approach that would provide scalable and sustainable ways of managing and deploying virtual workspaces implemented as VM images. We will discuss ways of leveraging existing configuration management tools, exemplified by the Bcfg2 system, for VM image lifecycle management that will allow systems staff to deploy robust virtualized resources for their users. We will also describe the process of contextualization — integration of an appliance in its deployment context — and discuss its reference implementation using Bcfg2 and the Workspace Service.