SSO
by Eric Hogberg

1. Assumptions
1.1. First client up will be Obsidian
1.2. Re-use as many Magma assets/components as possible
2. Questions
2.1. Which transport protocol?
2.2. Which SSO protocol?
2.2.1. CAS
2.2.2. SAML
2.2.3. OpenID
2.2.4. Home-rolled
2.3. Which Identity Authority Server (IAS) technology?
2.4. Which datastore?
2.5. Icebox
2.5.1. Architecture of service layer and approach
2.5.2. Application support beyond Obsidian
2.5.3. Authz: centralized here or on a separate component?
3. Components
3.1. Identity (id)
3.2. Authorization (authz)
3.3. Authentication (authn)
3.4. Profile
4. Infrastructure
4.1. Core
4.1.1. Protocol
4.1.1.1. SSO
4.1.2. Identity Authority Server process
4.1.3. Datastore
4.2. Supplemental
4.2.1. Profile management resources (UI)
4.2.2. Service layer