Uploaded image for project: 'SAFe Program'
  1. SAFe Program
  2. SP-3545

Mini SRCNet Demonstrator User Access Token Integration

Change Owns to Parent OfsSet start and due date...
    XporterXMLWordPrintable

Details

    • SRCnet
    • Hide
      • demonstrates integration of Mini SRCNet Demonstrator (MSND) with user access tokens from IAM identity management system
      • demonstrates MSND integration with different authorization mechanisms
      • future proofing as it will be used across all eventual services of the MSND
      Show
      demonstrates integration of Mini SRCNet Demonstrator (MSND) with user access tokens from IAM identity management system demonstrates MSND integration with different authorization mechanisms future proofing as it will be used across all eventual services of the MSND
    • Hide

      AC1: code changes in library to access GMS with user tokens made and Docker images builtĀ 

      AC2: users can get non-public data from SI storage (raven, minoc) using an access token with authorization based on group membership

      AC3: users can put files into SI storage using an access token with authorization based on group membership

      Show
      AC1: code changes in library to access GMS with user tokens made and Docker images builtĀ  AC2: users can get non-public data from SI storage (raven, minoc) using an access token with authorization based on group membership AC3: users can put files into SI storage using an access token with authorization based on group membership
    • Inter Program
    • 1
    • 1
    • 0
    • Team_RED
    • Hide

      RED-9

      RED-10

      AC1: GMS changes available from image version: cadc-gms-1.0.5

      AC2: Demonstrated in: https://confluence.skatelescope.org/pages/viewpage.action?pageId=227163873 (from 11:00 showing token access)

      AC3: Not demoed yet, but theoretically should work (would like to see demo when available!)

      Show
      RED-9 RED-10 AC1: GMS changes available from image version: cadc-gms-1.0.5 AC2: Demonstrated in: https://confluence.skatelescope.org/pages/viewpage.action?pageId=227163873 (from 11:00 showing token access) AC3: Not demoed yet, but theoretically should work (would like to see demo when available!)
    • 20.4
    • Stories Completed, Integrated, Outcomes Reviewed, Demonstrated, Satisfies Acceptance Criteria, Accepted by FO

    • PI24 - UNCOVERED

    • SRC-MiniNode Team_RED

    Description

      Demonstrate integration of user A&A with access tokens from AAI prototype within the Mini SRCNet Demonstrator. Services will be able to validate access tokens received from the caller/client and use it to verify the callers membership in a group managed in the IAM prototype via the GMS API.

      Data sync in MSND currently relies on the data be public (anon readable) because we don't have client certs and CDP (credential delegation protocol) and the related complexity to support a "storage ops" group being able to sync (get) all files from all sites... we are planning to retroactively make one collection private to demo "authorized get" (but those files would no longer be sync-able).

      We're planning to enable "authorized put", but for data sync to work the namespace(s) would have to be public (anon readable)... that's obviously not sufficient long term but these limitations are needed to make this work without too much scope creep.

      Attachments

        Issue Links

          is required by

          Feature - A Feature is a service that fulfills a stakeholder need. Each feature includes a benefit hypothesis and acceptance criteria, and is sized or split as necessary to be delivered by a single Agile Release Train (ART) in a Program Increment (PI). SP-3708 MSND Science Platform Deployment

          • Must have - Items labelled as "Must have" are critical to the current delivery timebox in order for it to be a success.
          • Done
          mentioned in

          Page Loading...

          Structure

            Activity

              People

                j.collinson Collinson, James
                s.goliath sharon goliath
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Feature Progress

                  Story Point Burn-up: (100.00%)

                  Feature Estimate: 1.0

                  IssuesStory Points
                  To Do00.0
                  In Progress   00.0
                  Complete30.7
                  Total30.7

                  Dates

                    Created:
                    Updated:
                    Resolved:

                    Structure Helper Panel