480 years after the collaps of the first Kalmar Union, the Nordic countries are joining forces again - this time without guns or politics but armed with the latest technology for easing access to services while still protecting the users' privacy and personal data.

Today Kalmar2, the second Kalmar Union, is presented at the NORDUnet conference in Copenhagen. Users can use their existing usernames and passwords freely across the Nordic area to access protected web-pages like research databases, e-science and e-learning systems etc. Kalmar2 fulfills the need in educational and research sector for collaboration and sharing of resources across borders.

The goal is to strengthen Nordic collaboration, based on existing national infrastructures for role based access.

Knitting together login-systems from all Nordic countries, it is now possible for users to log into web based services using their existing username and password - not the one provided by the website!

Participating countries are Norway, Finland, Denmark, Sweden and Iceland.

Kalmar2 is not confined to the Nordic area. Other countries may join if they live up to Kalmar2's strict requirements for identity management.

“Kalmar2 is an example of the Nordic area building critical infrastructure for our academic community. Identity infrastructure is at the same stage Internet was 20 years ago, when the Nordic Internet infrastructure was operational across borders.

Version 1.1 of the new simpleSAMLphp metadata registry, named Janus, is now ready. Janus is developed by Wayf, the danish federation.

Some of the key features includes:

• Token based mail notification for account creation and system login
• Creating / deleting SAML 2.0 entities (Service providers, Identy providers)
• Ability to change entity type for existing entities
• Support for multiple independant system states, enabling workflow and separation of permission schemes
• Ability to block remote entities
• Creation, modification and deletion og metadata enties
• Import of SAML 2.0 metadata
• Revision control including revision notes and backtracking
• Export of SAML 2.0 metadata
• Deletion of users
• Adding and removing user permissions on entities

The code may be downloaded at http://code.google.com/p/janus-ssp/.

Further functionalities will be added in the coming months, including:

• Notification system
• ARP-administration
• Extended user management

Any feedback, suggestions etc. is more than welcome - please create issues at the site mentioned above.

Jacob-Steen Madsen from Wayf.dk reports:

At WAYF we have created a vmware image with all basic software needed to run SimpleSAMLphp as identityprovider is preinstalled. The configuration needed should be easier then.

We've created the image in order to lower the barrier for small institutions. It's a download on approx 300MB.

• https://www.wayf.dk/howtos

Select "Quick start for Identityproviders". There nothing "WAYF" specific in the image - and it is created so everyone should be able to use it.

Preliminary agenda:

I've added a few items.

Technical track

• Consent-administrasjon som en modul
• SimpleSAMLphp for non-PHP
• Feides produksjonsmiljø, presentasjon av løsning med subversion og håndtering av konfigurasjon
• Wayf sine tilpassninger kun i en modul.
• Integrasjon mot kalmar

Administrative track

• nye tjenester?
• Kalmar

Common track

• Kravspesifikasjon for administrasjon av metadata.
• Diskusjon omkring synlighet i Wayf. Teknisk; discovery service hos SP, og consent hos IdP.

Tidsplan og transport

Anders kjører og henter danskene på Værnes. Andreas og Cato tar tog.

Danskene:

• lander på Værnes 11.05 på mandag
• avgang onsdag 18.20

Togtider (Andreas og Cato):

• 08.12.2008 TRONDHEIM - ÅRE 08:20 - 10:56 02:36
• 10.12.2008 ÅRE - TRONDHEIM 17:38 - 20:13 02:35

Participants

Her er de som kommer

• Anders Lund kommer. Kjører bil og henter danskene på Værnes.
• Mads Freek
• Jacob-Steen Madsen
• Jens Christian
• Andreas Åkre Solberg - kommer med tog.
• Cato Olsen - kommer med tog.

Mads + Jacob.

I'm back from EuroCAMP in Athens, where I held three presentations:

• SAML 2.0 Software Comparison
• SimpleSAMLphp
• OpenWiki and Foodle

Tomorrow I'm attending "Forskninsnet konferansen" in Kolding, Denmark, to give a presentation about simpleSAMLphp. The slides will be available online during this week.

When I'm back I hopefully get some more time to code, respond to emails and proceed on Kalmar and eduGAIN integration work.

Two great contributions from DK-AAI is checked into the simpleSAMLphp source, and will be part of the 1.0 release.

The attribute release consent module, adds supports for requesting consent from the user every time attributes are sent to a service. The user may choose to store the consent for later, if so a hashed value of the attributes will be stored in a mysql database.

There is now also a CAS authentication module, that performs authentication via a CAS server, and then retrieves attributes from an LDAP.

In February 2008, a simpleSAMLphp was arranged in Lumsås, Denmark by DK-AAI.

Great days with great progress to simpleSAMLphp. We look forward to the collaboration with simpleSAMLphp between DK-AAI, Feide and GÉANT2.

[ View more photos ]

The simpleSAMLphp open source community is starting to take form.

In January 2008, we got some danish developers on our team. They will help out with further improvements of simpleSAMLphp offering a handfull part time developers.

We have also got contributions from Croatia, Luxembourg, Netherlands and more...

Some friends from DK-AAI in a meeting regarding AAI.

Kalmar Union is a collaborative effort to ease cross-national use of IT services in research and higher education in Nordic countries by developing and operating an infrastructure for authentication and authorization of end users.

Participants

• Feide (Norway)
• Haka (Finland)
• Wayf (Denmark)
• SWAMID (Sweden)
• Iceland

Who can join

Any national federation from a country inside the EEC that has implemented the directive 95/46/EC and additional community legislation concerning personal data transfer can apply to become a member of the Kalmar Union.

• Read the MoU for more details

Technical

Each participating federation/country in the Kalmar Union must provide a signed metadata document available on a URL shared with the Kalmar Union.

WAYF is the danish national educational federation fully based on simpleSAMLphp.