taverna-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Donal K. Fellows" <donal.k.fell...@manchester.ac.uk>
Subject Re: GSoC android app update and availability for first weeks of GSoC
Date Tue, 26 May 2015 09:37:12 GMT
On 25/05/2015 10:00, Larry Akah wrote:
> So I want to know against which server they do so. That is, which server
> holds the user accounts against which they authenticate. The server url to
> which to post data for authentication. Some useful documentation about that
> would help since i have searched and not yet found one that explains user
> authentication with a server.

The server itself holds the user account details; they're configured
through the administrative interface (which is a webapp that is only
open to people with the admin permission flag set). We don't currently
support logging in with accounts defined elsewhere; even if we did, we'd
just be delegating authentication, not authorization.

The credentials are stored in the internal database, hashed with bcrypt.
You have to provide them on each call (except a very few used to fetch
general metadata) using HTTP Basic Auth, which we selected because it is
extremely widely supported by clients. It does however mean that it is
strongly recommended that communications channels between the server and
the clients be secure; HTTPS is one way of doing this, as is co-locating
the server and its client portal on a shared secure network (relatively
easy to do these days).

Is the Taverna Server documentation missing this? It could well be. If
it is, let me know and I'll fix it. :-)

Donal.

Mime
  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message