Thus, although other users on the same
node can decode the SSL channel, the message is still encrypted. Another benefit of this
method is that since the receiver is also a sender, a symmetric encrypting algorithm can be
used to enhance performance.
Authentication.and.Single.Sign-On.
A WSGrid user must register with the node to access the Web services provided by the
WSGrid node before claiming access to services. Authentication in WSGrid is achieved by
means of security token verification. The token has to be attached with every service invocation.
With access to different nodes or virtual organizations, a user might own different
tokens. In order to perform a long-running task requiring multi-resources involved, a user
can either set up authentication information in the job description or wait to be manually
authenticated. Either way is inconvenient. Hence, GateService provides another solution
for this ???Single Sign-On??? problem.
???Single Sign-On??? (SSO) is one of the functions in GateService. To use it, the user must
firstly federate identities which must be associated with the proper node or virtual organization.
Those associations are kept in the user??™s configuration. The system can only access
them when a SSO service is invoked.
Pages:
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454