Connecting Research Collaborators to Applications Using COmanage

COmanage supports powerful integration of domain applications through the extensible, flexible, scalable, and automatable generation of identifiers often necessary when integrating existing domain applications. Have an application that requires a username in a particular (and usually unattractive) format that no identity provider will ever assert? No way to update the application? With a few clicks the COmanage administrator can configure a new identifier, automatically generated for each enrolled collaborator, and make it available for consumption by the application. Multiple custom identifiers for each user and for each application can be managed quickly and easily using COmanage. When custom identifiers are not enough to support demanding domain applications, COmanage provides a simple but powerful pluggable provisioning engine to do whatever needs to be done to provision a new user into a domain application. Even that FORTRAN 77 application that reads user details from a text file in a hardcoded location can be provisioned using the COmanage provisioning plugin framework (some PHP coding required). Because the COmanage provisioning engine tracks users through the entire user lifecycle it can also help clean up application access when a user leaves the research project. In this presentation we will survey some of the reasons why domain applications can be difficult to integrate with CMPs. We will discuss in detail the COmanage design for extensible and automated identifier generation and the pluggable provisioning framework. We will then explain how both COmanage features have been used to help integrate applications and make it easier and faster to connect researchers to their most wanted applications.


Part of session

Tools for Identity

Related documents