Perun in

management system preview

Perun covers management of the whole ecosystem around the users' identities, groups, resources and services. Perun is well suited for managing users within organizations and projects, managing access rights to the services.

Perun product page

Registration

To register in a virtual organization or community go to guidepost to select the VO you want to register to.

https://perun.demo.eduteams.org/guidepost/?groups=1

Register a new virtual organization / community

To register a new virtual organization or community fill in the simple form on the following page

https://perun.demo.eduteams.org/a/establish-vo-form/fed/

(You will be prompted to register to eduTEAMS catch-all VO, unless you already have done it.)

After registering the VO, you can send an invitation to users from the Perun web interface or you can send them the following URL, where you have to replace <VO> with abbreviation of your VO:

https://perun.demo.eduteams.org/fed/registrar/?vo=<VO>

Perun web interface

Overview and management of your virtual organizations and memberships is available at

https://perun.demo.eduteams.org/gui/

Demo service providers

Attribute viewer

The attribute viewer SP is service which enables you to see what attributes are released by eduTEAMS proxy to services providers.

https://baz.demo.eduteams.org/simplesaml/module.php/core/authenticate.php?as=perun

Wordpress

The Wordpress SP demonstrates authorization capabilities on real-like services. You can access wordpress administration intefrace on a following link only if you are member of wp-admins group in any VO.

https://baz.demo.eduteams.org/wp-login.php

User's profile page

View your profile page at

https://perun.demo.eduteams.org/fed-sb/profile/

You can add/change your sshkey in settings section.

Account linking

You can link your different accounts at

https://perun.demo.eduteams.org/fed/ic/

You will be prompted to sign in with one of your identities (unless you have single sing-on session active) and then you will have to sign in with another identity to proof that you own both of them. After this procedure, your identities will be linked into a single account.

Provisioning

All users from eduTEAMS catch-all VO will have their unix account provisioned to the demo virtual machine. During the registration to the eduTEAMS VO, users have to choose a nickname which will be used as unix login and they have an option to fill in their SSH key. If they do so, they can access the demo virtual machine using ssh in following way.

ssh NICKNAME@snf-824662.vm.okeanos.grnet.gr

Provisioning may take minute or two after the registration, therefore if you encounter some problems, try it again a bit later.

SSH key can be added or changed on the user profile page.

Note: For purpose of this demo, provisioning is only configured for eduTEAMS catch-all VO. If you would like to try it out on your own VO that you have created, contact us on perun@cesnet.cz and will prepare a sandbox for you.