Centralized Discovery Service - member of federation?

Tom Scavo trscavo at gmail.com
Wed May 6 08:34:43 EDT 2015

On Tue, May 5, 2015 at 8:53 PM, Scott Koranda <skoranda at gmail.com> wrote:
> "If you're running a disovery service shared by many (and closely
> related) services / SPs the situation is a bit different, of course."
> That is the situation we find with LIGO and our users have come to us
> directly asking for a centralized discovery service rather than
> multiple instances of the EDS we have been using until now.

Okay, so your users want consistent branding across all your apps,
right? I get that, and in fact we've had this conversation before in
another context :-) but apparently your user requirements have changed
(or maybe just become more clear). In that case, let me repeat the
suggestion I gave in the other context.

>From the presentation you gave at Global Summit last week, [1] a SAML
IdP Proxy figures prominently into your near-term architectural plans.
Instead of deploying a CDS, why not deploy an IdP Proxy in front of
the LIGO apps? That gives you a development platform on which to
standardize numerous functions such as discovery, account creation (an
IdPoLR function), and multifactor login (like Duo). It's much easier
to maintain a consistent look-and-feel if all these functions are
derived from a single platform.

Now let's pop up a level. If there are other R&S apps that your LIGO
users use, then maybe "Research & Scholarship" is the "correct"
branding. I think you see where I'm going with this ;-) Instead of
creating two levels of branding, let's consolidate on "Research &
Scholarship." Does that make sense?


[1] https://meetings.internet2.edu/2015-global-summit/detail/10003657/

More information about the users mailing list