Difference between revisions of "Fusion Registry Security Overview Version 10"
Jump to navigation
Jump to search
(→Security Overview) |
(→Security Overview) |
||
Line 1: | Line 1: | ||
== Security Overview == | == Security Overview == | ||
− | Security | + | Security is split into two distinct functions: User '''Authentication''' and User '''Authorisation'''. Authentication is the process of ensuing the provided user credentials match up against a valid user account. Authorisation is the process of ensuring a user is allowed to perform the action they are trying to perform. |
− | The Fusion Registry | + | The Fusion Registry only provides Authentication services for two types of user; the [[Fusion Registry Root]] user, and [[Fusion Reporting Node]] users. Authentication for other users are provided by either: |
− | + | * [[Fusion Security]] Web Server | |
+ | * [[Active Directory]] via LDAP | ||
+ | * Apache Tomcat via [[Certificate Authentication]] | ||
− | + | Once a user is Authenticated, the relevant User Account is loaded into the session, and the Fusion Registry uses its security model and rules to '''authorise''' the user is allowed to access the resource. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Authentication == | == Authentication == |
Revision as of 09:01, 28 April 2019
Contents
Security Overview
Security is split into two distinct functions: User Authentication and User Authorisation. Authentication is the process of ensuing the provided user credentials match up against a valid user account. Authorisation is the process of ensuring a user is allowed to perform the action they are trying to perform.
The Fusion Registry only provides Authentication services for two types of user; the Fusion Registry Root user, and Fusion Reporting Node users. Authentication for other users are provided by either:
- Fusion Security Web Server
- Active Directory via LDAP
- Apache Tomcat via Certificate Authentication
Once a user is Authenticated, the relevant User Account is loaded into the session, and the Fusion Registry uses its security model and rules to authorise the user is allowed to access the resource.