OpenAthens LA ( Local Authentication (OpenAthens LA, or OALA) enables your users to access resources in a federated manner federation environment. It interacts with your local data repository and authentication systems to produce a seamless user experiencefacilitate access to online resources by your end users. In SAML /Shibboleth terms OpenAthens LA is an Identity Provider , federating identity information from your organisation to the resources in a federation(IdP).
OpenAthens LA has two main components, the Runtime and the an Administration Console. The Runtime performs authentications and exchanges messages with responds to Service Providers when your users request access. The Administration Console is used to configure the Runtime and access Statistics, Diagnostics and Auditing information.The Runtime is based on the OpenAthens Platform, sometimes known as the Atacama platform, and is designed to provide a range of access and identity services in both the Identity Provider (IdP) and Service Provider (SP) roles. Eduserv provides a range of OpenAthens products based on this platform which aim to provide a much simpler implementation path than equivalent products such as Shibboleth - the companion product for Service Providers is known as OpenAthens SP.
The Administration Console is a browser based application that enables your administrators to configure how users are authenticated, where to retrieve user data from, the federations you connect to and what information about your users is shared with Service Providers. It also provides graphical statistics, logs and diagnostic tools. Typically user data would be retrieved from an Active Directory or other LDAP server, but OpenAthens LA can easily be configured to use other sources such as relational databases or student registration systems.
The Runtime and Administration Console components are linked by a published configuration; in effect, the Administration Console tells the Runtime how to behave.
Supported federations includeOpenAthens LA should work with any federation, including:
- UK Access Management Federation (UKAMF) (United Kingdom)
- eduID.cz (Czech federation)
- GakuNin (Japan)
- DFN-AAI (Germany)
- RENATER (France)
- SWITCHaai (Switzerland)
OpenAthens LA can also be configured to connect to individual Service Providers on a one to one basis, such as Google Apps, VLEs or Adobe Creative Cloud Enterprise.