REFEDS, the Vietsch Foundation
and the GÉANT Project have joined together in funding FedLab
– a test suite to help check the interoperability of products for federated identity management. The Vietsch Foundation is happy to have awarded its first project contract to FedLab. The joint funding will allow FedLab
to move forward with essential coordination and testing to ensure its success.
The success of research and identity federations in part depends on the interoperability of products, particularly of commercial offerings, for federated identity management. There are currently no comprehensive testing suites available that help deployers check that their implementations have been correctly configured for specific environments, which can lead to unnecessary errors and access problems for users.
FedLab is designed to improve the interoperability of products that use SAML (Security Assertion Markup Language), which is the open-standard data format that is widely used for exchanging authorisation and authentication data, mainly between identity providers (IdPs) and service providers (SPs). While SAML is a fairly established protocol highly likely to stay for many years, newer protocols are being adopted in the SAML community and beyond. The test suite is being refactored to provide testing capabilites for OAuth2, OIDC and UMA besides SAML. This will allow the testing of deployments that use different protocols with proxies and multi-protocol agents.
For REFEDS (Research and Education Federations), a primary goal is to help the international SAML community to interoperate and generally improve the experience of federated access. FedLab fits well with this mission by making it easy for IdPs and SPs to improve the service they offer and check that they will be compliant globally with all federations. REFEDS and the eduGAIN interfederation service both support and promote the SAML2Int profile as a best practice process, and FedLab will help achieve compliance with this specification.
The GÉANT Project had funded initial efforts to remedy this situation, which resulted in the saml2int project and a pilot implementation of a SAML2 test tool, which grew into FedLab.
Funding from the Vietsch Foundation will help FedLab to reach a level of maturity that will enable it to be deployed as a service to federations and their users. By working in cooperation with REFEDS, the GÉANT Project and Kantara as project sponsors for FedLab, the Vietsch Foundation is enabling the project to offer a single service to support a wide range of communities, and ensuring that work does not need to be replicated in multiple environments.
FedLab will provide a comprehensive test suite, covering saml2int, OpenIDConnect and UMA in a single test harness. The tool will be open source, allowing users to contribute and improve test cases and profiles.
Visit the REFEDS website, the GÉANT Project website, the Vietsch Foundation website or the Kantara website.