Authorization Mechanism.
NRAO Interactive Services Modification Request 1C108, November 2007
1. Introduction
Add a mechanism to create customizable list of roles within that tool (e.g.,
PST:USER, CASA:TESTER, ARCHIVE:ADMIN, OPS:XYZ, etc:etc).
2. Background
Right now the existing my.nrao site has a
set of roles (formerly groups). My thinking is we add a "tool" tier to
the role logic so that your authentication returns a list of tools
followed by a customizable list of roles within that tool (e.g.,
PST:USER, CASA:TESTER, ARCHIVE:ADMIN, OPS:XYZ, etc:etc). The reason for
the above is we have already found conflict in one and only one set of
authorization definitions for all downstream applications.
4. Design
Technical lead should provide a brief description of how this will be implemented in the code.
5. Deployment Checklist
Documentation? Systems/hardware/networking things needed for deployment?
6. Test Plan
6.1 Internal Testing
6.3 Integration/Regression Tests
Signatures
APPROVED: I acknowledge that my request is fully contained in this MR, and if the Open Sky (or other NIS or PST developers) deliver exactly what I specified, I will be happy.
ACCEPTED: I acknowledge that I have validated the completed code according to the acceptance tests, and I am happy with the results.
Written |
- OpenSky - 26 Nov 2007 |
Checked |
- - - - - |
Approved by Scientific Sponsor |
- - - - - |
Accepted/Delivered by Sponsor |
- - - - - |
Symbols:
- Use
%X%
if MR is not complete (will display )
- Use
%Y%
if MR iscomplete (will display )
Discussion Area
--
OpenSky - 26 Nov 2007