Information Technology Reference
In-Depth Information
6.2 Access to the Gateway
Access to e-Science gateways is usually possible by accessing a login page, where
users have to identify themselves by providing some sort of credential. The cre-
dential can be a login name or e-mail address with a relevant password, some sort of
single sign-on credential, or a one-time password.
As WS-PGRADE/gUSE builds on the Liferay portlet container, login possibil-
ities offered by WS-PGRADE/gUSE are those offered by Liferay. This includes the
following:
Username or e-mail with a password: in this case gateway users can register using
either a username or e-mail address, and a password. After successful registra-
tion, users can log in using the credentials provided during the registration
process.
Facebook: in this case the gateway uses Facebook
s user authentication mech-
anism [FBLogin] (based on OAuth [OAuth]) to identify users. This method
assumes that a Facebook application is created for the e-Science Gateway, and
this application can access some basic properties of the Facebook user
'
le.
Through this login method, users have to provide their Facebook account details
in order to log in.
'
s pro
Single sign-on: this method is similar to the Facebook one. Some sort of external
identity provider (for example, Shibboleth [SHIB]) is used to identify users, and
the information provided by the identity providers is used to store users
'
information in Liferay.
The above-described methods are the most common ones applied by e-Science
gateways. Thanks to the fact that Liferay offers the possibility to use additionally
deployed authentication methods, these can be extended toward additional needs.
6.3 Visibility of User Interface Components
When a user registers to an e-Science gateway, the user account associated to the
user receives some default roles [LiferayRoles]. These roles can be precon
gured in
the portlet framework or can be inherited from an external identity provider. In
either case, the set of roles associated to the user account may determine the set of
tools available for use by the user account. Some example roles used by Liferay and
WS-PGRADE/gUSE-based e-Science gateways are as follows:
Guest: this role represents any non-authenticated user accessing the gateway
(the role is de
ned by Liferay).
User: this role represents any authenticated user accessing the gateway (this role
is de
ned by Liferay).
Owner: this role represents any authenticated gateway administrator user
accessing the gateway (this role is de
ned by Liferay).
Search WWH ::
Custom Search