Project

Profile

Help

Story #5338

closed

As a user I have a token server that manages a user access control

Added by lmjachky over 4 years ago. Updated about 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Sprint 89
Quarter:

Description

The server will maintain a record of authorized users within different scopes. A client will need to log in (send an HTTP GET request) with credentials provided in a request header in order to process further with a requested operation.

For example, a user/docker daemon will be able to execute the following command to accomplish an authentication and generate a secure token:

curl -Lv -u <username>:<password> "https://sso.redhat.com/auth/realms/rhcc/protocol/redhat-docker-v2/auth?service=docker-registry&client_id=curl&scope=repository:rhel:pull"

The fields "<username>" and "<password>" will be managed by the token server. For now, the token server is neither a separate process nor application. Access to different scopes and different type of actions will be granted based on the result of an authentication.


Related issues

Related to Container Support - Story #4938: As a user i can pull content from an authenticated Pulp registryCLOSED - CURRENTRELEASElmjachky

Actions
Blocked by Pulp - Story #5339: Add support for role based access controlCLOSED - CURRENTRELEASE

Actions

Also available in: Atom PDF