
Login

The client calls login with the credentials it has and gets an auth token. The auth token is then sent on each method call.

DB schema for security:

users
------
username | password | salt | token (default null) | token_expiration_ts (default 0)

Each time the service sees a token, it checks that the token exists in the db, is not expired, and matches the username.
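An added sketch of the login and per-call token check described above, built on the page's users columns (not the project's own code). The in-memory SQLite database, PBKDF2-HMAC-SHA256 with a per-user salt, the one-hour token lifetime, and every function name are assumptions; the page leaves the hash algorithm as an open question.

```python
import hashlib, hmac, secrets, sqlite3, time

TOKEN_TTL = 3600  # seconds; assumed lifetime, the page does not specify one

def open_db():
    # Columns and defaults follow the users table on this page.
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE users (
        username TEXT PRIMARY KEY, password BLOB NOT NULL, salt BLOB NOT NULL,
        token TEXT DEFAULT NULL, token_expiration_ts INTEGER DEFAULT 0)""")
    return db

def _hash(password, salt):
    # Assumed KDF; only the derived hash is stored in the password column.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def add_user(db, username, password):
    salt = secrets.token_bytes(16)  # per-user random salt (assumption)
    db.execute("INSERT INTO users (username, password, salt) VALUES (?, ?, ?)",
               (username, _hash(password, salt), salt))

def login(db, username, password, now=None):
    """Return a fresh auth token for valid credentials, else None."""
    now = time.time() if now is None else now
    row = db.execute("SELECT password, salt FROM users WHERE username = ?",
                     (username,)).fetchone()
    # Hash even for unknown users so both failure paths do the same work.
    stored, salt = row if row else (b"", b"\0" * 16)
    if not hmac.compare_digest(stored, _hash(password, salt)):
        return None
    token = secrets.token_urlsafe(32)  # unguessable, from the OS CSPRNG
    db.execute("UPDATE users SET token = ?, token_expiration_ts = ? "
               "WHERE username = ?", (token, int(now) + TOKEN_TTL, username))
    return token

def check_token(db, username, token, now=None):
    """Per-call check: token exists, matches the username, is not expired."""
    now = time.time() if now is None else now
    row = db.execute("SELECT token, token_expiration_ts FROM users "
                     "WHERE username = ?", (username,)).fetchone()
    if row is None or row[0] is None or not token:
        return False  # unknown user, never logged in, or empty token
    same = hmac.compare_digest(row[0].encode(), token.encode())
    return same and now < row[1]
```

The default `token` of null and `token_expiration_ts` of 0 mean a user who has never logged in fails the check on both conditions.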

Server Based Security

Access control should be managed at the Server level (instead of the Engine).

  • The Engine manages how data is stored. Access controls should not alter the way data is stored
  • If the Engine doesn't know about access control, then we can more easily replace the Engine in the future

 

Open Questions

  1. Should we require user authentication to invoke managed operations from the command line?
    1. These operations do not go through the client, so we would have to a) create a special JMX hook into the server-based authentication scheme or b) create a separate authentication scheme for managed operations.
  2. How should we hash passwords?
    1. Do we need a master serverKey hash? How is this generated and where is it stored?
    2. Do we need salt per user?
    3. Which hash algorithm should we use?
  3. Do we need to associate a fingerprint (IP address, etc.) with each AccessToken?
    1. How would we get this info server side? Does the client need to pass it along when logging in?

 
