14:03:21 <farheen_att> #startmeeting Architecture Committee
14:03:21 <collabot`> Meeting started Wed Mar 18 14:03:21 2020 UTC.  The chair is farheen_att. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:03:21 <collabot`> Useful Commands: #action #agreed #help #info #idea #link #topic.
14:03:21 <collabot`> The meeting name has been set to 'architecture_committee'
14:07:06 <farheen_att> #topic Agenda, single sign on, bi-directional, AiF 360 has a plugin and use cases (IBM (Romeo), ATT, TechM), Secure RTU.  Portal team wants to discuss super admin development.
14:08:39 <farheen_att> #topic Single Sign On Integration
14:11:09 <farheen_att> #info there is a space in wiki.acumos.org.  Ai4u can provide development resources to develop this but we will need guidance. Ai4u or Nokia have their own instance and have their own directory identity server used for single sign on.  Oauth2 with openid.  Uses ws02 which uses oauth2 with open id just like acumos.  It would be great to have just a
14:11:09 <farheen_att> couple of options in yml file for the identity server and no coding will be necessary.  This identity server is the only server they can use.
14:12:22 <farheen_att> #info if new users must be added they should be added to the external identity server if the internal identity server is disabled.  Nokia wants to disable the cloud deployment because it leaves a back door open.  An Azure token out of the box would be nice.
14:13:51 <farheen_att> #info proposal to make an epic to make SSO configurable.  We need someone from architecture or portal to create the user stories for us so we know where to do the implementation and not break anything.  We will bring it in a secure way to the current code base.  There are in the sign up dialogue for Facebook, Google, ... I is not developed.
14:14:59 <farheen_att> #info Manoop - Agree the requirement is an important one that will benefit the entire community.  We agree on this requirement.
14:15:48 <farheen_att> #info the  "Deploy to cloud" comment on the wiki page should be removed.
14:17:06 <farheen_att> #info Manoop - In Acumos-LF we are able to configure with the LF ID server.  That is the user account.
14:18:19 <farheen_att> #info for internal AT&T acumos enforced a cookie style authentication.
14:19:56 <farheen_att> #info Vasu - we deploy working source code.  It is configurable on Acumos-LF.
14:21:10 <farheen_att> #info Nat - March 2018 we disabled the social logins.
14:22:11 <farheen_att> #info resource usage may not be related to AiO installation.  CPU disc space etc.
14:22:21 <farheen_att> #info Optimization
14:23:14 <farheen_att> #info one year ago we had a challenge for ML modelers and we analyzed and found the minimum requirements to install.
14:23:33 <farheen_att> #info we can take it under consideration with platform hardening.
14:24:01 <farheen_att> #info Nat - that hardware recommendation is posted in the documentation.
14:25:14 <farheen_att> #info Manoop - There will be an installation guide that should not be as manual.  We will move away from one click deployment.
14:25:34 <farheen_att> #info Priya We should verify if this is plugable with any or only specific Identity servers.
14:25:53 <farheen_att> #info Manoop- it works with oauth2 and google logins work.
14:27:50 <farheen_att> #info Nat - we don't have to implement new, Rajesh and Vasu contact Martin.
14:28:12 <farheen_att> #topic Bi-directional Federation Wenting.
14:28:33 <farheen_att> #info Bi-directional Communication
14:29:10 <farheen_att> #info bi-directional communication between supplier and subscriber.
14:29:48 <farheen_att> #info recorded demo
15:02:52 <farheen_att> #endmeeting