[Tf-aai] Fwd: Please test WAYF's new federation hub platform with your web service
Mitchell Seaton
seaton at hum.ku.dk
Wed Jul 11 13:38:41 CEST 2018
My apologies that link should be in English -
https://www.wayf.dk/en/new-wayf-user-experience-2-july
Kind Regards,
Mitchell Seaton
On 07/11/2018 01:37 PM, Mitchell Seaton wrote:
>
> Dear CLARIN SPF group,
>
> FYI, https://wayf.dk/da/ny-brugeroplevelse-i-wayf-fra-2-juli WAYF-DK
> has as of 2nd July migrated to their new platform.
>
> Kind Regards,
>
> Mitchell Seaton
>
>
> On 04/19/2018 03:55 PM, Mitchell Seaton wrote:
>>
>> Dear CLARIN SPF group,
>>
>> A test using the WAYF Orphange IdP (through the CLARIN SPF discovery
>> service) against the new WAYF-DK platform installation shows no
>> problems with SAML2 attributes, as far as I can see for our
>> infra.clarin.dk Service Provider. If anyone else wishes to test
>> against their SP for any issues with the new platform, a developer
>> account can be created and approved fiarly quickly - see the
>> instructions at
>> https://wayf.dk/en/testing-wayfs-new-hub-platform-your-web-service
>>
>> Kind Regards,
>>
>> Mitchell Seaton
>>
>>
>>
>> -------- Forwarded Message --------
>> Subject: Please test WAYF's new federation hub platform with your
>> web service
>> Date: Tue, 10 Apr 2018 12:31:16 +0200
>> From: WAYF <campaign at wayf.dk>
>> To: Mr. Mitchell Seaton <seaton at hum.ku.dk>
>>
>>
>>
>> Please test WAYF's new federation hub platform with your web service
>>
>> *FOR ENGLISH, PLEASE SEE BELOW*
>>
>> Kære WAYF-ansvarlige!
>>
>> Du modtager mailen her fordi WAYF har dig registreret som
>> kontaktperson for din WAYF-tilsluttede webtjeneste. WAYF har brug for
>> at du snarest gennemfører en simpel login-test — læs herunder:
>>
>> Din webtjeneste kommunikerer med WAYFs centrale servere hver gang en
>> bruger logger ind på tjenesten via WAYF. Det er vores plan i maj 2018
>> at erstatte den nuværende software på de servere med en helt ny
>> software som vi selv har udviklet.
>>
>> Det har i udgangspunktet ingen betydning for din tjeneste at WAYF
>> skifter software på sine centrale servere: I burde ikke behøve
>> foretage jer noget — ikke behøve ændre noget i jeres egen opsætning.
>> Vi laver nemlig ikke om på den tekniske grænseflade mellem din
>> tjeneste og WAYFs servere — kun på softwaren bag grænsefladen.
>>
>> Vores nye software er blevet sikkerhedsgennemgået af eksperter fra
>> det tyske firma Hackmanit GmbH og er ifølge dem meget sikker.
>> Programkoden er velafprøvet og har langt mindre omfang og langt
>> mindre kompleksitet end vores nuværende software og bliver derfor
>> markant nemmere for os at vedligeholde.
>>
>> Men for at kunne være helt sikre på at WAYFs nye software virker
>> sammen med din tjenestes WAYF-opsætning, vil vi bede dig gennemføre
>> en simpel login-test. Hvis du ikke har en brugerkonto ved en
>> institution som er tilsluttet WAYF, kan du bruge en testkonto fra
>> WAYF Orphanage <https://orphanage.wayf.dk>. Du kan lave testen
>> allerede nu — ved at følge den korte vejledning her
>> <https://wayf.dk/da/test-af-wayfs-kommende-platform-0>.
>>
>> Med den nye software på serverne vil WAYF i princippet have helt
>> samme adfærd udadtil som med den nuværende software.
>>
>> Bemærk at vores nye software protokolmæssigt sigter på at overholde
>> KANTARAs deployment-profil for føderations-interoperabilitet — se
>> https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html. Dét
>> giver begrundet håb om at softwaren vil fungere sammen med de fleste
>> eller alle institutioner og webtjenester i WAYF og i eduGAIN.
>> KANTARA-profilen forventes at ville afløse den SAML2-profil som WAYF
>> og eduGAIN bygger på nu, nemlig
>> https://saml2int.org/profile/current/. Den software som WAYF har
>> brugt hidtil, tilgiver muligvis visse profilafvigelser fra jeres side
>> som vores nye software ikke tilgiver. Bl.a. derfor er det vigtigt at
>> I får testet jeres tjeneste op imod WAYFs kommende platform inden vi
>> sætter den rigtigt i drift.
>>
>> Mange venlige hilsner
>> WAYF-sekretariatet
>> WAYF <https://wayf.dk>
>>
>> ------------------------------------------------------------------------
>>
>> Dear WAYF contact!
>>
>> You receive thie e-mail because WAYF <https://wayf.dk/en> has you
>> registered as a contact point for the web service you have connected
>> to WAYF. WAYF needs you to perform a simple login test as soon as you
>> can please see below:
>>
>> Your webservice communicates with WAYF's central servers whenever a
>> user attempts to log in at your service through WAYF. We plan to
>> replace the software currently running on those servers with an
>> entirely new software that we've developed ourselves.
>>
>> It shouldn't be of any significance to your webservice that WAYF
>> replaces the software on its servers: It shouldn't be necessary for
>> you to do anything — shouldn't be necesary for you to make any
>> changes to the configuration on your own servers. For we're not
>> changing the interface between WAYF and your webservice — only the
>> software behind that interface.
>>
>> Our new software has been penetration tested by experts from German
>> IT security company Hackmanit GmbH and found by them to be very
>> secure. The program code is being tested thoroughly and is far
>> smaller than the code base of our current platform, and so will be
>> markedly easier for us to maintain.
>>
>> But to be sure that WAYF's new software works with your web service,
>> we kindly ask you to perform a simple login test. If you don't hold a
>> user account with one of the identity providers connected to WAYF,
>> you can use a testing from the WAYF Orphanage
>> <https://orphanage.wayf.dk>. You can do the test now already — by
>> following the instructions published here
>> <https://wayf.dk/en/testing-wayfs-new-hub-platform-your-web-service> .
>>
>> With the new software running on its servers, WAYF will, in
>> principle, display the same behaviour externally as with the current
>> software platform.
>>
>> Please note that our new software aims to comply with KANTARA's
>> Deployment Profile for Federation Interoperability
>> <https://kantarainitiative.github.io/SAMLprofiles/fedinterop.html>.
>> This justifies our hope that the platform will work well with most or
>> all service and identity providers in both WAYF and eduGAIN. This
>> KANTARA profile is expected to replace the SAML2 profile currently
>> adhered to by WAYF, i.e. https://saml2int.org/profile/current/. The
>> software currently running on WAYF's servers may be forgiving wrt. a
>> number of deviations from the profile on your part that our new
>> platform may be less forgiving about. For this reason, too, it is
>> important that you test your webservice with WAYF's new platform
>> before we deploy it in production.
>>
>> Many kind regards,
>> WAYF Secretariat
>> WAYF <https://wayf.dk/en>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clarin.eu/cgi-bin/mailman/private/tf-aai/attachments/20180711/40b7c985/attachment.htm>
More information about the Tf-aai
mailing list