PLACES: Kantara Initiative Main Site | Community@ List | All Events and Meetings | Join a Group | Contact Us

ULX Scenarios and Use Cases

Skip to end of metadata
Go to start of metadata
Abstract

This document is a product of the Universal Login Experience Work Group. It records the scenarios and use cases governing the development of a cross protocol login user experience.

Status

This document is currently under active development. Its latest version can always be found here. See the Change History at the end of this document for its revision number.

Editors
  • Paul Trevithick
Intellectual Property Notice

The Universal Login Experience Work Group operates under Option Liberty and the publication of this document is governed by the policies outlined in this option.

Table of Contents

Introduction and Instructions

This document is a product of the Universal Login Experience Work Group. It records the scenarios and use cases governing the development of a cross protocol login user experience.

Please copy and revise an existing scenario in adding new scenarios and subordinate use cases. Each use case is created as a separate child wiki page with a name like xyz_scenario and then linked from here. Change the status keyword in each scenario and use case title as appropriate, linking to the meeting minutes page explaining the status change:

  • Pending: Initial status when first submitted
  • Accepted: Needs to be accounted for in UMA V1 and/or its associated compliant implementations
  • Deferred: Relevant to the problem space; may be considered in future versions
  • Rejected: Out of scope

Edit the descriptions of technical issues and scope questions to reflect (or point to) group decisions about how to handle them.

Scenario: NIH Login with SAML, OpenID and I-Card (Pending)

Submitted by: Paul Trevithick

This scenario is an example of a website that would like to support three identity protocols: SAML, OpenID and I-Card. The site has no interest in maintaining local (e.g. username/password) accounts and wishes to rely exclusively on external identity providers (IdPs).

This particular site has a large number (e.g. more than 50) of IdPs that it trusts (i.e. from which it is willing to accept an identity assertion).

We describe below two of many possible use-cases (interactions) that Alice could have with this site.

(NOTE: Our references to the NIH website is hypothetical.)

Use Case: Unmodified Browser, First Visit

Preconditions

Alice:

  • Wants to sign-in to the NIH site
  • Has never been to this NIH site before
  • Has an unmodified browser
  • Is not logged in to any of her OpenIDs or SAML IdPs at the moment

NIH Site:

  • Is a SAML, OpenID, and IMI/InfoCard compatible RP
  • Trusts these OpenIDs:
    • Yahoo, AOL, Google
  • Trusts these SAML IdPs:
    • InCommon Federation (of which Ohio State is a member)
  • Trusts these Infocards:
    • Equifax, Citigroup, Wave Systems, Acxiom
Flow #1: Uses Google account
  1. Alice clicks on the login button (see Non-chrome Login Button)
  2. The popup window appears
  3. Alice clicks on Google
  4. The window (having been redirected) now displays the Google auth dialog box
  5. Alice authenticates to Google
  6. Alice agrees to share Google attributes with NIH
  7. Alice is now logged in to the NIH site
Flow #2: Same as #1 except using Ohio State account
Flow #3: Searches first, then logs in
  1. Alice clicks on the login button (see Non-chrome Login Button)
  2. Alice types in the search box for "Boston University" (a member of the InCommon Federation)
  3. ...the rest is like flow #2

Use Case: Browser Add-on, First Visit

Preconditions

Alice:

  • Wants to sign-in to the NIH site
  • Has never been to this NIH site before
  • Already has a multi-protocol browser add-on (aka selector, smart client, etc.)
  • Has configured her add-on with:
    • OpenID: Yahoo, AOL, Google, Facebook
    • SAML: Ohio State
    • Infocard: Equifax Identity Card, PayPal
  • Is not logged in to any of her OpenIDs or SAML IdPs at the moment
  • Has not defined a "default" OpenID, SAML or InfoCard

NIH Site:

  • Is a SAML, OpenID, and IMI/InfoCard compatible RP
  • Trusts these OpenIDs:
    • Yahoo, AOL, Google
  • Trusts these SAML IdPs:
    • InCommon Federation (of which Ohio State is a member)
  • Trusts these Infocards:
    • Equifax, Citigroup, Wave Systems, Acxiom

(anchor:issues}Issues

Following are discussions of technical issues raised by one or more scenarios and use cases. Acceptance of a scenario or use case will imply agreeing to develop a satisfactory solution to applicable issues.

Change History

Version Date Comment
Current Version (v. 32) Feb 09, 2010 10:01 Paul Trevithick
v. 31 Oct 29, 2009 22:33 Paul Trevithick
v. 30 Oct 29, 2009 22:32 Paul Trevithick
v. 29 Oct 29, 2009 22:06 Paul Trevithick
v. 28 Oct 28, 2009 17:42 Paul Trevithick
v. 27 Oct 20, 2009 15:07 Paul Trevithick
v. 26 Oct 20, 2009 15:06 Paul Trevithick
v. 25 Oct 20, 2009 15:04 Paul Trevithick
v. 24 Oct 20, 2009 14:19 Paul Trevithick
v. 23 Oct 20, 2009 14:16 Paul Trevithick
v. 22 Oct 16, 2009 14:10 Paul Trevithick
v. 21 Oct 16, 2009 14:07 Paul Trevithick
v. 20 Oct 16, 2009 12:35 Scott Cantor
v. 19 Oct 16, 2009 10:37 Paul Trevithick
v. 18 Oct 16, 2009 10:36 Paul Trevithick
v. 17 Oct 16, 2009 10:18 Paul Trevithick
v. 16 Oct 16, 2009 10:07 Paul Trevithick
v. 15 Oct 15, 2009 17:59 Joni Brennan
v. 14 Oct 14, 2009 20:35 Paul Trevithick
v. 13 Oct 14, 2009 20:24 Paul Trevithick
v. 12 Oct 14, 2009 17:33 Paul Trevithick
v. 11 Oct 14, 2009 17:15 Paul Trevithick
v. 10 Oct 14, 2009 17:15 Paul Trevithick
v. 9 Oct 14, 2009 17:01 Paul Trevithick
v. 8 Oct 14, 2009 16:29 Paul Trevithick
v. 7 Oct 12, 2009 21:27 Paul Trevithick
v. 6 Oct 12, 2009 21:26 Paul Trevithick
v. 5 Oct 12, 2009 21:25 Paul Trevithick
v. 4 Oct 12, 2009 21:23 Paul Trevithick
v. 3 Oct 12, 2009 21:22 Paul Trevithick
v. 2 Oct 12, 2009 21:20 Paul Trevithick
v. 1 Oct 12, 2009 16:03 Paul Trevithick
 
Bookmarks

Is this site useful to you? Please share it!

| | More
On This Page:
Pages in this Space:
Wiki How To's:
Wiki Notation Quick Guide
Full List of Macros
Full Documentation
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.