Sep 25 – 29, 2023
Centro de Ciencias de Benasque
Europe/Madrid timezone

POSIX-like access via HTTP: OIDC AuthN/AuthZ solutions provided for research communities

Sep 26, 2023, 11:35 AM
Centro de Ciencias de Benasque

Centro de Ciencias de Benasque

Av. de Francia, 17, 22440   Benasque Huesca, Spain   42.603194, 0.523222
Presentation (15' + 5' for questions) R&D for computing services, networking, and data-driven science IBERGRID


Alessandro Costantini (INFN)


Computing and data management workflows are increasingly demanding access to S3 storage services with POSIX capabilities by locally mounting a file system from a remote site to directly perform operations on files and directories.

To address this requirement in distributed environments, various service integrations and needs must be considered.

In the context of this activity, solutions based on S3 (for object storage) and HTTP WebDAV (for hierarchical storage) protocols have been carefully examined and put into operation.

In both cases, the access to the data must be regulated by standard, federated authentication and authorization mechanisms, such as OpenID Connect (OIDC), which is already adopted as authentication/authorization mechanism within WLCG and the European Open Science Cloud (EOSC).

Starting from such assumption, the possibility to manage data access by integrating JSON Web Token (JWT) authentication, provided by INDIGO-IAM as Identity Provider (IdP), with both CEPH RADOS Gateway (the object storage interface for CEPH) and StoRM WebDAV with Rclone, have been evaluated and a comparison between the performance yielded by S3 and WebDAV protocols has been carried out within the same distributed environment.

Primary authors

Dr Ahmad Ahmad (INFN) Alessandro Costantini (INFN) Dr Antonio Falabella (INFN) Dr Daniele Spiga (INFN) Dr Diego Ciangottini (INFN) Dr Diego Michelotto (INFN) Dr Federico Fornari (INFN) Dr Jacopo Gasparetto (INFN) Dr Massimo Sgaravatto (INFN)

Presentation materials