Details
-
Feature
-
Won't have (this time)
-
None
-
Obs Mgt & Controls
-
-
-
Intra Program
-
4
-
4
-
0
-
-
-
-
Taranta
Description
When people will use the AIV Portal (https://jira.skatelescope.org/browse/SS-115) they will have to authetnicate themselves twice: once with the portal and MS, and a second time when reaching Taranta.
We need to get rid of this second step, and do it automatically.
The solution that is envisioned is for Taranta to detect if an appropriate MS authentication cookie has been collected by the browser, and if so use that to authorize the user to use Taranta. This will be in addition to the mechanism that is available now.
Important detail: right now Taranta users normally log in using group credentials (like credentials for the CREAM team to access the dashboards that CREAM created).
With this new mechanism, it will be the individual users that is going to be authenticated, not a group. In order for Taranta to display the group-related dashboards as it does with the normal log in mechanism, we need the groups to be defined at the top authentication layer. Therefore we believe that SKAO IT should make sure that individual credentials are associated to groups, and that at least groups for each dev and PM teams are created. If this is not in place, users might now be able to see relevant dashboards.
Thus, there is a dependency on IT to provide these groups.
See existing material:
- demo of the AIV Portal tool: https://confluence.skatelescope.org/display/SE/2024-02-01+OMC+ART+System+Demo+21.4
- Stargazer's objective: https://jira.skatelescope.org/browse/SPO-2941
