Differences
This shows you the differences between two versions of the page.
metamod:security_plans [2008-11-27 10:13:43] heikok |
metamod:security_plans [2022-05-31 09:29:32] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Change of Authentication in Metamod 2.X ====== | ||
- | ===== Overview of Metamod authorization and authentication | ||
- | |||
- | ^ Type ^ Access ^ Authentication ^ Password-store ^ | ||
- | | Administration of Metamod | http:// | ||
- | | Administration of Tomcat | http:// | ||
- | | Access to upload-environment |http:// | ||
- | | Access to upload-environment |ftp:// | ||
- | | Administration of Metamod-server | ssh:server | passwd | PAM-configured | | ||
- | |||
- | ===== Wishlist ===== | ||
- | |||
- | The current implementation has some drawback, which are addressed by the following wishlist: | ||
- | |||
- | - one password store should be enough | ||
- | - authentication methods security-level should be industry standard compliant | ||
- | - single sign on | ||
- | |||
- | ===== Idea ===== | ||
- | |||
- | ==== Password storage ==== | ||
- | |||
- | Using a directory server for authentication. The directory server needs to support user, passwords and groups. This can be i.e. any LDAP server. | ||
- | |||
- | * // | ||
- | * // | ||
- | * //passwd// can be replaced with LDAP via [[http:// | ||
- | * // | ||
- | |||
- | ==== Industry Standard compliance ==== | ||
- | |||
- | * // | ||
- | * ftp is industry standard, with low security. | ||
- | * ssh is industry standard, with moderate security. | ||
- | * //metamod// security is not tested. Metamod-application authentication will require lots of testing to become comparable to industry-standard. Simplest to switch to // | ||
- | |||
- | |||
- | ==== Single Sign On ==== | ||
- | |||
- | ** No solution! ** Evaluated: | ||
- | |||
- | * Using Kerberos, requires kerberos-support from client-side, | ||
- | * Using SAML, that is SSO on application-level. This will be hard to impossible to implement since we don't have control of Thredds, ssh and ftp. | ||
- | * Using tomcat within apache (mod_jk, mod_proxy), having same security realm. This would be a good solution for SSO on the http-side (simply having one application), | ||
- | |||
- | ==== Changes needed ==== | ||
- | |||
- | === BasicAuth for /upl === | ||
- | |||
- | * .htaccess protection for all /upl/* pages | ||
- | * Registration and password changes outside /upl | ||
- | * Only username known to metamod $_SERVER{REMOTE_USER} after login, not institution/ | ||
- | |||
- | === (Optional) upload-area per user === | ||
- | |||
- | * each user should have a user-directory, | ||
- | |||
- | |||
- | ~~DISCUSSION~~ |