Tools
Subscribers to the Federation have access to a range of tools that enhance the Federation product. These tools are regularly reviewed to ensure they are fit for purpose and meet subscriber needs. To ensure that subscribers have access to the most up-to-date tools, the AAF regularly updates/refreshes these tools, or will retire and replace existing tools to meet subscriber needs. Additional tools will also be added to this suite to ensure what the AAF remains current and up-to-date with trends in technology.
Federation Registry |
Federation Status |
Virtual Home |
eduGAIN entities database |
Rapid Connect |
IdP Installer |
Attribute Validator |
eduGAIN Attribute Release Check |
Attribute Validator
The Attribute Validator is a tool that validates your identities attributes ensuring that they are suitable for consumption by AAF connected services. A user or an administrator can view their Attributes by logging into the Attribute Validator.
For more information or support go to:
ECP
ECP allows Service Providers (SP) to introduce a new class of service that won’t be limited by a browser interface to provide single sign-on functionality.
The ECP profile is designed for clients that use desktop applications, server-side code running in a web application and anything else that isn’t run in a browser. ECP is one option for allowing non-browser authentication and will be included as a feature of the IdP Installer.
Why you need ECP
With the introduction of new non-web based services from the RDS (Research Data Service) nodes, the deployment of ECP (Enhanced Client or Proxy) for all IdPs will be essential. This will allow researchers at your organisation to take advantage of the new services being offered by the nodes.
We encourage you to be prepared for these new services by enabling ECP so you can introduce a new class of service that won’t be limited by a browser interface to provide single sign-on functionality.
For more information on enabling ECP, see Enabling ECP.
Subscriber organisations which have ECP enabled:
| Organisation |
|---|
| AAF Virtual Home |
| Australian Institute of Marine Science |
| Australian National University |
| Bond University |
| Deakin University |
| Edith Cowan University |
| eResearch SA |
| INTERSECT |
| James Cook University |
| Latrobe University |
| Monash University |
| Swinburne University of Technology |
| The University of Melbourne |
| The University of Notre Dame |
| The University of Queensland |
| The University of Western Australia |
| University of Adelaide |
| University of Canberra |
| University of New England |
| University of New South Wales |
| University of Newcastle |
| University of Southern Queensland |
| University of Tasmania |
| University of Technology Sydney |
| University of Wollongong |
| Victoria University |
| Western Sydney University |
For more information or support go to:
Federation Registry
The Federation Registry is a web-based tool designed to manage information about Organisations, Identity Providers and Service Providers participating in the Federation which is operated by the AAF.
For more information or support go to:
Federation Status
Federation Status monitors AAF-connected Service Providers and Identity Providers and reports when systems are offline. The status updates available here are automatically determined and should be used as a guide only. Unanticipated changes in the Federation’s operating environment may lead to inaccurate data being reported from time to time.
For more information or support go to:
Rapid Connect
AAF Rapid Connect is a tool which allows Service Providers to easily connect services to the Federation. Rapid Connect is available in production and test, for use by developers at rapid.aaf.edu.au
Although Rapid Connect is available as an alternative for connecting services, the AAF will continue to support full Shibboleth SP installs for applications with custom attribute or security requirements.
Rapid Connect is based on the JSON Web Token standard, which allows applications running on PaaS providers such as Heroku, Google App Engine and Pagoda to connect to the Federation. It also allows developers running their own servers to connect applications to the Federation without the requirement to install a Shibboleth SP or Apache web server. In addition to easing the technical burden, Rapid Connect simplifies user attribute transfer by automatically providing the most common attributes supported by international federations for research applications.
Benefits
-
There is no need to install a Shibboleth SP on your web server
-
It natively integrates into commonly used development languages
-
PaaS solutions like Heroku, Google App Engine and Pagoda become suitable deployment targets for AAF services
-
Attributes are already defined in logical sets, there is no approval process for attributes
-
Integration code is minimal, simple to write and easy to test.
Visit rapid.aaf.edu.au to view example implementations using Heroku, Google App Engine, or Pagoda Box.
For more information or support go to:
Virtual Home
The AAF Virtual Home (VH) is an identity management system for individuals who need to access services via the AAF but who do not have an account with an AAF identity provider (IdP).
In most cases users of the Federation belong to an AAF subscriber organisation, and are part of the organisation’s identity management system. This means that most users can use their organisation’s identity provider to log into connected services. This is known as their Home Organisation. For example, QUT is an AAF subscriber. If I am a staff member of QUT, I can log into AAF-connected services using QUT’s identity provider, and QUT is known as my Home Organisation.
However, in some cases it is desirable for users who don’t otherwise have an identity provider to be able to log into services via the AAF. Because they have no Home Organisation within the Federation, these users can become part of Virtual Home (VH).
For more information or support go to: