Thanks Weronika. Just a few quick questions so far:
- Doc states that two roles are defined, User and Admin. By roles, are you referring to the Roles as found in OpenLMIS today? We can define many different roles, each with their own set of rights. So, are the User and Admin examples of those Roles, or something else?
- On a similar note, often applications will have to run background processes, utility tasks or other “headless” processes. Do we need any special facility for these sorts of superuser tasks?
- Again, similar to OPenLMIS 2.0, we will define Roles and rights. Should those domains be owned by the proposed auth service, or owned by the reference data/requisition service? If so, I imagine the auth service would communicate with the reference data service to retrieve the rights granted to the user in question…?
Thanks - Rich
--
You received this message because you are subscribed to the Google Groups "OpenLMIS Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
openlmis-dev...@googlegroups.com.
To post to this group, send email to
openlm...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/openlmis-dev/1a8a1225-c107-4ad0-b373-ab7e77d2b3f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Thanks Weronika. Just a few quick questions so far:
- Doc states that two roles are defined, User and Admin. By roles, are you referring to the Roles as found in OpenLMIS today? We can define many different roles, each with their own set of rights. So, are the User and Admin examples of those Roles, or something else?
- On a similar note, often applications will have to run background processes, utility tasks or other “headless” processes. Do we need any special facility for these sorts of superuser tasks?
- Again, similar to OPenLMIS 2.0, we will define Roles and rights. Should those domains be owned by the proposed auth service, or owned by the reference data/requisition service? If so, I imagine the auth service would communicate with the reference data service to retrieve the rights granted to the user in question…?
Thanks - Rich
From: openlm...@googlegroups.com [mailto:openlm...@googlegroups.com] On Behalf Of Weronika Ciecierska
Sent: Wednesday, June 22, 2016 8:39 AM
To: OpenLMIS Dev <openlm...@googlegroups.com>
Subject: [openlmis-dev] Authentication across services in OpenLMIS spike
Hello!
We've been working on ticket OLMIS-668: Spike: Authentication across services, which deals with the research on how to do authentication across multiple services
and writing recommendation for OLMIS-546: Web Security. I'm attaching the results of our research. We will be grateful for your opinions. Please let us know if there is anything missing
that should be covered with this spike and if all points sound reasonable.
Best regards,
Weronika Ciecierska
--
You received this message because you are subscribed to the Google Groups "OpenLMIS Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openlmis-dev...@googlegroups.com.
To post to this group, send email to openl...@googlegroups.com.
To post to this group, send email to openlm...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openlmis-dev/7726833a-75f1-4838-aeff-06010f73df24%40googlegroups.com.