...
Participant name and logo | Contact names/emails | Solution full name | Solution abbrev | Roles (AS, RS, C) |
---|---|---|---|---|
Gluu (logo, handle) | Mike Schwartz: mike-at-gluu.org Yuriy Zabrovarnayy: yuriy-at-gluu.org | OXAuth | OX | AS, RS, C |
Apache plugin | AP | RS, C | ||
Cloud Identity Limited, (logo, handle) | Maciej Machulak: maciej.machulak(AT)cloudidentity.co.uk | NuveAM | CI | AS, RS, C |
Python/Java UMA | PU | RS, C | ||
Roland Hedberg | Roland Hedberg: roland.hedberg-at-adm.umu.se | PyUMA | RH | AS, RS, C |
ZXID.org | Sampo Kellomäki: sampo-uma14-at-zxid.org | ZXID w/mod_auth_saml | ZX | AS, RS, C |
Solution information: AS role
It is recommended that the AS provide RO and RqP login credentials that can be used in a programmatic fashion, e.g. in a simple HTML form. It is assumed that the C is clientclaims-unaware and will be using the redirect claim profile to redirect the RqP to the AS for login as the sole claims-gathering process. The "Alice" user can be used as both an RO and an RqP. The "Bob" user can be used as an RqP. The different RqPs can be used with the same client to test policies that discriminate between RqPs using the same client. Clients "A" and "B" can be easily used to test policies that discriminate between the same RqP using different clients.
Solution:role | Config data URL | Login credentials for RO and RqPToken strings for "Alice" and "Bob" users | Static credentials for client "A" and client "B" | Supports dynamic client registration for RS and C? | Other details |
---|---|---|---|---|---|
OX:AS | https://seed.gluu.org/.well-known/uma-configuration | Alice: Bob: | RS: yes, C: yes | See: | |
CI:AS | https://demo.nuveam.com/.well-known/uma-configuration | Alice: Bob: | RS: yes, C: yes | ||
RH:AS | Alice: Bob: | ||||
ZX:AS | https://zxidp.org/.well-known/uma-configuration | test:test or HTTPS client cert or SAML IdP https://zxidp.org/idp with test:test | RS: yes, C: yes | https://zxidp.org/umainfo.html |
Solution information: RS role
...
Solution:role | API info | SDK avail? | Login URL and RO creds/token/session details | Protected resource URL(s) info | Client SDK/library info | Expects dynamic client registration at AS? | Other details |
---|---|---|---|---|---|---|---|
OX:RS | Java | https://seed.gluu.org/oxuma-rs/ | https://seed.gluu.org/oxuma-rs/ws/phone CRUD: Scopes: | ||||
CI:RS | https://nuvepds.appspot.com/about/api | Python and Java | https://nuvepds.appspot.com (Sign in with your social profile) | https://nuvepds.appspot.com/about/api | Optional | ||
RH:RS | Uses "pbryan" (http-json-resource) | https://xenosmilus.umdc.umu.se:8777/login.html (user:alice, password:krall) | Base URL for alice's resources: https://xenosmilus.umdc.umu.se:8777/json/alice | Available in Python and Java (sample at https://nuvepdsclient.appspot.com/) – where? | Supports webfinger. Supports acct and http identifier urls. | ||
ZX:RS | https://zxidp.org/umainfo.html | libzxid (C/C++, PHP, Perl, Java, Apache httpd module) |
Solution information: C role
As noted above, it is assumed that the C is clientclaims-unaware and will be using the redirect claim profile to redirect the RqP to the AS for login as the sole claims-gathering process for assessing policy. There are currently (V0.9) not even any optional feature tests for claim profiles anyway, so we're not testing claims gathering at this stage.
Solution:role | App type | Other details |
---|---|---|
OX:C | https://seed.gluu.org/oxuma-rp/ | |
CI:C | https://nuvepdsclient.appspot.com/ | Sign in using social profile or pass a token |
RH:C | ||
ZX:C |