Authorization Mechanism.

NRAO Interactive Services Modification Request 1C108, November 2007



1. Introduction

Add a mechanism to create customizable list of roles within that tool (e.g., PST:USER, CASA:TESTER, ARCHIVE:ADMIN, OPS:XYZ, etc:etc).

2. Background

Right now the existing my.nrao site has a set of roles (formerly groups). My thinking is we add a "tool" tier to the role logic so that your authentication returns a list of tools followed by a customizable list of roles within that tool (e.g., PST:USER, CASA:TESTER, ARCHIVE:ADMIN, OPS:XYZ, etc:etc). The reason for the above is we have already found conflict in one and only one set of authorization definitions for all downstream applications.

4. Design

Technical lead should provide a brief description of how this will be implemented in the code.

5. Deployment Checklist

Documentation? Systems/hardware/networking things needed for deployment?

6. Test Plan

6.1 Internal Testing

6.2 Sponsor Testing

6.3 Integration/Regression Tests


Signatures

APPROVED: I acknowledge that my request is fully contained in this MR, and if the Open Sky (or other NIS or PST developers) deliver exactly what I specified, I will be happy.

ACCEPTED: I acknowledge that I have validated the completed code according to the acceptance tests, and I am happy with the results.

Written ALERT! - OpenSky - 26 Nov 2007
Checked - - - - -
Approved by Scientific Sponsor - - - - -
Accepted/Delivered by Sponsor - - - - -

Symbols:
  • Use %X% if MR is not complete (will display ALERT!)
  • Use %Y% if MR iscomplete (will display DONE)


Discussion Area

-- OpenSky - 26 Nov 2007
Topic revision: r1 - 2007-11-26, OpenSky
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding NRAO Public Wiki? Send feedback