Hi Hasini, Would it be possible for you to do a demo on this ?
Thanks -Thejaka On Sun, May 24, 2015 at 11:34 PM, Hasini Gunasinghe (JIRA) <j...@apache.org> wrote: > > [ > https://issues.apache.org/jira/browse/AIRAVATA-1624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14557944#comment-14557944 > ] > > Hasini Gunasinghe commented on AIRAVATA-1624: > --------------------------------------------- > > Hi Suresh and Airavata team, > > This is to provide an update about the work done so far for the sprint 1 > of the GSoC project. > I sent a pull request from the forked repo on which I did the > modifications to the Airavata code. Please let me know if you have not > received it. > Please find more details about the work on the first week of the sprint 1, > how to run the implemented PoC and the associated sample, remaining work on > sprint 1 and planned tasks for sprint 2 at the wiki page: > https://cwiki.apache.org/confluence/display/AIRAVATA/Sprint+1 > > I would appreciate your feedback. > > Thanks, > Hasini. > > > [GSoC] Securing Airavata API > > ---------------------------- > > > > Key: AIRAVATA-1624 > > URL: https://issues.apache.org/jira/browse/AIRAVATA-1624 > > Project: Airavata > > Issue Type: New Feature > > Components: Airavata API > > Reporter: Suresh Marru > > Labels: gsoc, gsoc2015, mentor > > Fix For: WISHLIST > > > > Attachments: Securing_ARAVATA_API_V1.pdf > > > > > > Apache Airavata uses Thrift based API's for external facing API's and > for system internal CPI's. The API's need to be secured adding > authentication and authorization capabilities. > > The Authentication need to ensure only approved users/clients can > communicate. Similarly clients should only interact with valid servers. > > Authorization need to be enforced to ensure only users with specific > roles can appropriately access specific API's. As an example, > administrative roles should be able see all the users experiments where as > end users can only see his/her data and not access other information > (unless explicitly shared). > > Earlier GSoC project focused on this topic has relavent discussion. > > > https://cwiki.apache.org/confluence/display/AIRAVATA/GSoC+2014+-+Add+Security+capabilities+to+Airavata+Thrift+services+and+clients > > > > -- > This message was sent by Atlassian JIRA > (v6.3.4#6332) >