SSO
by Eric Hogberg
1. Components
1.1. Identity (id)
1.2. Authorization (authz)
1.3. Authentication (authn)
1.4. Profile
2. Infrastructure
2.1. Core
2.1.1. Protocol
2.1.1.1. SSO
2.1.2. Identity Authority Server process
2.1.3. Datastore
2.2. Supplemental
2.2.1. Profile management resources (UI)
2.2.2. Service layer
3. Assumptions
3.1. First client up will be Obsidian
3.2. Re-use as many Magma assets/components as possible
4. Questions
4.1. Which transport protocol?
4.2. Which SSO protocol?
4.2.1. CAS
4.2.2. SAML
4.2.3. OpenID
4.2.4. Home-rolled
4.3. Which IAS technology?
4.4. Which datastore?
4.5. Icebox
4.5.1. Architecture of service layer and approach
4.5.2. Application support beyond Obsidian
4.5.3. Authz: centralized here or on a separate component?