Support Authentication

[fraunhofer-iis-bot]

In GitLab by @jannismain on Feb 28, 2020, 12:46

Rationale

A common use-case for multi user applications might be to restrict the ability of certain users.

For example, the first user may get full hardware access, subsequent concurrent users might only be allowed to use safe request, like subscribe to push services and use get-request. Some applications might also define own roles and privileges on a per-request-handler basis. Alternatively, only certain users (authorized via password) or hosts (via hostname/ip) receive full privileges, while others are restricted to safe requests.

For this concept, there are some additions to libjapi required:

• client roles (clients may have different privileges)
• client authentication (new command japi_authenticate)
• client session management (first client might disconnect, now second client should get access to set-requests)

Use Case

abt-hfs/interstellar/gui_fe_dac>

• Multiple web clients are connected to interstellar board controller
  • Web Client A connects to interstellar controller C (libjapi)
  • Then, Web Client B connects to same interstellar controller C
  • A sends request to change hardware configuration -> successful
  • B must be informed about the changes made by A (--> push service)
  • B must be prohibited from making changes to the hardware (set-request) while A is connected
  • B might issue get-requests or subscribe to any push service, as these are safe request

[fraunhofer-iis-bot]

In GitLab by @jannismain on Feb 28, 2020, 18:18

mentioned in issue abt-hfs/interstellar/server_adc#104

[fraunhofer-iis-bot]

In GitLab by @jannismain on Feb 28, 2020, 18:20

mentioned in issue abt-hfs/interstellar/gui_fe_dac#28