Overview
Intended Audience
This Introduction is intended for Tequila developers and a general
audience interested in identity management issues. It provides
summary information and is not intended to give the reader detailed
technical information.
History
Historically the Swiss Federal Polytechnic University
of Lausanne (EPFL) has been using an identity management tool called
Gaspar. This tool is the repository for authentication information and
holds user information for the whole university community. Currently most
of the university’s Web-based services use it to authenticate their
users.
Individual authentication servers can provide services to a single
organization easily. New technologies of collaboration, web services,
grid computing, etc. make it necessary to have a set of identity management
servers that cooperate to manage larger and more disparate groups of users,
agents, services, applications and resources – often across the
country or around the world.
The need has arisen to have an identity management system
to authenticate people across several organizations – a federated
identity management suite of tools. Tequila – building on the
experience of the EPFL’s IT department in Gaspar – was conceived
and developed to achieve this goal.
The Tequila Identity Provider Server is a single server which can
easily provide identity management in a single organization –
however this is not its main benefit.
Tequila Identity Federation
The basic unit of federation in the Tequila Identity
management suite of tools is a cell. A Tequila cell is a set of Tequila
servers that have agreed to trust one another and to agree on the meaning of
user attributes. Each server manages its own set of users and is able
to authenticate these users and return the value of user-related attributes
(name, id, ...) at the request of another client in the cell.
Tequila holds no data itself, neither authentication data nor user
attributes; it delegates this data to connectors: authentication
connectors and data connectors.
Tequila Ready Applications
Applications can be made "Tequila Ready" by implementing one
of the Tequila Clients (available in source in Perl, Java and PHP).
These create the calls to the Tequila server and pass the authorization
information back to the application. This saves application developers
and maintainers a lot of time in writing and keeping their authentication
process and data up to date.
Tequila Open Source
Tequila is open source software. It is being developed as an open source
test bed for identity management standards. The Tequila sources and
project are housed at the EPFL and at SourceForge.
Tequila and Standards
It is the intention of the Tequila developers’ network to work
on specific projects that will enhance the interoperability of Tequila
with existing standards in the identity management, security and access
control space.