incubator-blur-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Rohr <>
Subject Blur Console User Management
Date Wed, 25 Jun 2014 02:13:24 GMT
In conversations I've had on my projects there have been questions of how
things are secured through the console.  There are a couple of things that
exist today and then there are some ideas that I would like to get feedback

What is there today?

1. If your Blur cluster is setup to use security on the data through the
UserContext paradigm, then in blur-site.config you can setup a config value
that points to a JSON file with the properties needed for data to come
back.  The draw back with this is that there is only one possible user and
all "users" of the console are sharing that configured user.

2. Access to the console can be restricted as it is assumed that the
console will run on a controller node and you could lock down access to the
port running the console.

Other ideas that have come up:

1. Changing the JSON file to allow the creation of multiple users and
having the UI have the ability to switch users.  This gives the ability to
see the data from different real life access control definitions, but all
console users still have access to everything.

2. Setup some sort of user state (maybe through plugable providers) and
then true logins can be created to the console with permissions defined by
the provider implementation.



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message