Story #5338

Updated by lmjachky over 4 years ago

The server will maintain a record of authorized users within different scopes or roles. A client will need to log in (send an HTTP GET request) with credentials provided in a request header in order to proceed further with a requested operation.

The role-based access control can be utilized by multiple plugins. In a docker plugin, for example, a user/docker daemon will be able to execute the following command to accomplish an authentication and generate a secure token:

 <pre><code class="text"> 
 curl -Lv -u <username>:<password> "https://sso.redhat.com/auth/realms/rhcc/protocol/redhat-docker-v2/auth?service=docker-registry&client_id=curl&scope=repository:rhel:pull" 
 </code></pre> 

The fields "<username>" and "<password>" will be managed by the token server. For now, the token server is neither a separate process nor application. core. Access to different scopes and different type of actions repositories will be granted based on the result of an authentication.
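
As an added illustration (not part of the story or of Pulp's code), the check a token server would make for the request above: verify the Basic credentials from the request header, then reduce the requested `scope` to the actions recorded for that user. The `USERS` and `GRANTS` records, the PBKDF2 hashing and the function names are assumptions.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qs, urlsplit

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample records (assumed; the story does not define a storage format).
SALT = b"constructed-salt"
USERS = {"alice": _hash("s3cret", SALT)}                # username -> password hash
GRANTS = {"alice": {("repository", "rhel"): {"pull"}}}  # username -> resource -> actions

def authenticate(header):
    """Return the username for a valid 'Basic' Authorization header, else None."""
    scheme, _, blob = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(blob, validate=True).decode()
    except ValueError:  # malformed base64 or non-UTF-8 bytes
        return None
    user, sep, password = decoded.partition(":")
    # Unknown users are compared against a dummy value so the code path is the same.
    expected = USERS.get(user, b"\0" * 32)
    ok = hmac.compare_digest(_hash(password, SALT), expected)
    return user if sep and ok and user in USERS else None

def granted_access(url, header):
    """Return the access entries a token may carry, or None if authentication fails."""
    user = authenticate(header)
    if user is None:
        return None
    access = []
    for value in parse_qs(urlsplit(url).query).get("scope", []):
        for item in value.split():  # one parameter may hold several space-separated scopes
            parts = item.split(":")
            if len(parts) < 3:
                continue  # not in type:name:actions form
            # The name may itself contain ':' (e.g. host:port/repo), so take both ends.
            rtype, name, wanted = parts[0], ":".join(parts[1:-1]), parts[-1]
            allowed = GRANTS.get(user, {}).get((rtype, name), set())
            actions = sorted(set(wanted.split(",")) & allowed)
            access.append({"type": rtype, "name": name, "actions": actions})
    return access
```

Requested actions that are not on record for the user are dropped rather than rejected, so a request for `pull,push` by a pull-only user yields an entry carrying only `pull`.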