ULX Scenarios and Use Cases
Abstract
This document is a product of the Universal Login Experience Work Group. It records the scenarios and use cases governing the development of a cross protocol login user experience.
Status
This document is currently under active development. Its latest version can always be found here. See the ulx:Change History at the end of this document for its revision number.
Editors
- Paul Trevithick
Intellectual Property Notice
The Universal Login Experience Work Group operates under Option Liberty and the publication of this document is governed by the policies outlined in this option.
Table of Contents
Introduction and Instructions
This document is a product of the Universal Login Experience Work Group. It records the scenarios and use cases governing the development of a cross protocol login user experience.
Please copy and revise an existing scenario in adding new scenarios and subordinate use cases. Each use case is created as a separate child wiki page with a name like xyz_scenario and then linked from here. Change the status keyword in each scenario and use case title as appropriate, linking to the meeting minutes page explaining the status change:
- Pending: Initial status when first submitted
- Accepted: Needs to be accounted for in UMA V1 and/or its associated compliant implementations
- Deferred: Relevant to the problem space; may be considered in future versions
- Rejected: Out of scope
Edit the descriptions of technical issues and scope questions to reflect (or point to) group decisions about how to handle them.
Scenario: NIH Login with SAML, OpenID and I-Card (Pending)
Submitted by: Paul Trevithick
This scenario is an example of a website that would like to support three identity protocols: SAML, OpenID and I-Card. The site has no interest in maintaining local (e.g. username/password) accounts and wishes to rely exclusively on external identity providers (IdPs).
This particular site has a large number (e.g. more than 50) of IdPs that it trusts (i.e. from which it is willing to accept an identity assertion).
We describe below two of many possible use-cases (interactions) that Alice could have with this site.
(NOTE: Our references to the NIH website is hypothetical.)
Use Case: Unmodified Browser, First Visit
Preconditions
Alice:
- Wants to sign-in to the NIH site
- Has never been to this NIH site before
- Has an unmodified browser
- Is not logged in to any of her OpenIDs or SAML IdPs at the moment
NIH Site:
- Is a SAML, OpenID, and IMI/InfoCard compatible RP
- Trusts these OpenIDs:
- Yahoo, AOL, Google
- Trusts these SAML IdPs:
- InCommon Federation (of which Ohio State is a member)
- Trusts these Infocards:
- Equifax, Citigroup, Wave Systems, Acxiom
Flow #1: Uses Google account
- Alice clicks on the login button (see Non-chrome Login Button)
- The popup window appears
- Alice clicks on Google
- The window (having been redirected) now displays the Google auth dialog box
- Alice authenticates to Google
- Alice agrees to share Google attributes with NIH
- Alice is now logged in to the NIH site
Flow #2: Same as #1 except using Ohio State account
Flow #3: Searches first, then logs in
- Alice clicks on the login button (see Non-chrome Login Button)
- Alice types in the search box for "Boston University" (a member of the InCommon Federation)
- ...the rest is like flow #2
Use Case: Browser Add-on, First Visit
Preconditions
Alice:
- Wants to sign-in to the NIH site
- Has never been to this NIH site before
- Already has a multi-protocol browser add-on (aka selector, smart client, etc.)
- Has configured her add-on with:
- OpenID: Yahoo, AOL, Google, Facebook
- SAML: Ohio State
- Infocard: Equifax Identity Card, PayPal
- Is not logged in to any of her OpenIDs or SAML IdPs at the moment
- Has not defined a "default" OpenID, SAML or InfoCard
NIH Site:
- Is a SAML, OpenID, and IMI/InfoCard compatible RP
- Trusts these OpenIDs:
- Yahoo, AOL, Google
- Trusts these SAML IdPs:
- InCommon Federation (of which Ohio State is a member)
- Trusts these Infocards:
- Equifax, Citigroup, Wave Systems, Acxiom
(anchor:issues}Issues
Following are discussions of technical issues raised by one or more scenarios and use cases. Acceptance of a scenario or use case will imply agreeing to develop a satisfactory solution to applicable issues.
Change History
| Version | Date | Comment |
|---|---|---|
| Current Version (v. 36) | Feb 09, 2010 10:01 |
Former user: Migration of unmigrated content due to installation of a new plugin |
| v. 35 | Feb 09, 2010 10:01 |
Former user Migration of unmigrated content due to installation of a new plugin |
| v. 34 | Feb 09, 2010 10:01 |
Former user Migration of unmigrated content due to installation of a new plugin |
| v. 33 | Feb 09, 2010 10:01 |
Former user Migrated to Confluence 4.0 |
| v. 32 | Feb 09, 2010 10:01 | Former user |
| v. 31 | Oct 29, 2009 22:33 | Former user |
| v. 30 | Oct 29, 2009 22:32 | Former user |
| v. 29 | Oct 29, 2009 22:06 | Former user |
| v. 28 | Oct 28, 2009 17:42 | Former user |
| v. 27 | Oct 20, 2009 15:07 | Former user |
| v. 26 | Oct 20, 2009 15:06 | Former user |
| v. 25 | Oct 20, 2009 15:04 | Former user |
| v. 24 | Oct 20, 2009 14:19 | Former user |
| v. 23 | Oct 20, 2009 14:16 | Former user |
| v. 22 | Oct 16, 2009 14:10 | Former user |
| v. 21 | Oct 16, 2009 14:07 | Former user |
| v. 20 | Oct 16, 2009 12:35 | Former user |
| v. 19 | Oct 16, 2009 10:37 | Former user |
| v. 18 | Oct 16, 2009 10:36 | Former user |
| v. 17 | Oct 16, 2009 10:18 | Former user |
| v. 16 | Oct 16, 2009 10:07 | Former user |
| v. 15 | Oct 15, 2009 17:59 | Former user |
| v. 14 | Oct 14, 2009 20:35 | Former user |
| v. 13 | Oct 14, 2009 20:24 | Former user |
| v. 12 | Oct 14, 2009 17:33 | Former user |
| v. 11 | Oct 14, 2009 17:15 | Former user |
| v. 10 | Oct 14, 2009 17:15 | Former user |
| v. 9 | Oct 14, 2009 17:01 | Former user |
| v. 8 | Oct 14, 2009 16:29 | Former user |
| v. 7 | Oct 12, 2009 21:27 | Former user |
| v. 6 | Oct 12, 2009 21:26 | Former user |
| v. 5 | Oct 12, 2009 21:25 | Former user |
| v. 4 | Oct 12, 2009 21:23 | Former user |
| v. 3 | Oct 12, 2009 21:22 | Former user |
| v. 2 | Oct 12, 2009 21:20 | Former user |
| v. 1 | Oct 12, 2009 16:03 | Former user |