Add security using Management Portal

Question

Add security using Management Portal

Closed this issue 5 years ago · 7 comments

Add this app-server as a resource in MP and add security here like the Rest-Api does

Answer 1 · 2019-01-04T15:47:33.000Z

Or perhaps on second thoughts maybe some alternative so as to not tightly couple the server with Management Portal

Answer 2 · 2019-07-03T16:05:49.000Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Answer 3 · 2019-07-04T07:24:42.000Z

FYI: for example the Gateway abstracts away from management portal by allowing multiple implementations for authentication: https://github.com/RADAR-base/RADAR-Gateway/blob/master/src/main/kotlin/org/radarcns/gateway/auth/Auth.kt. Although permission names are taken from MP, you can as well implement a mapping for another authorization provider. Implementations:

Answer 4 · 2019-07-08T13:34:47.000Z

Ok great, Thanks. Is there a standard for the permission names so that other OAuth providers can also be used by just implementing the Auth interface (for example, without changing the annotations)?

Answer 5 · 2019-07-08T14:04:31.000Z

Yes, most providers allow setting the scope. The scope name is <Entity>.<Operation>., for example, PROJECT.READ, SUBJECT.UPDATE, MEASUREMENT.CREATE. For a full list, see https://github.com/RADAR-base/ManagementPortal/blob/dev/radar-auth/src/main/java/org/radarcns/auth/authorization/Permission.java

Answer 6 · 2019-07-08T16:24:08.000Z

okay. Thanks

Answer 7 · 2019-08-21T13:50:42.000Z

Closed by #27