BNL SDCC (Scientific Data and Computing Center) recently deployed a centralized identity management solution to support Single Sign On (SSO) authentication across multiple IT systems.The system supports federated login access via CILogon and InCommon and multi-factor authentication (MFA) Cat Furniture to meet security standards for various application and Shopping Totes services such as Jupyterhub / Invenio that are provided to the SDCC user community.CoManage (cloud-based) and FreeIPA / Keycloak (local) are utilized to provided complex authorization for authenticated users.
This talk will focus on technical overviews and strategies to tackle the challenges/obstacles in our facility.