Difference between revisions of "Authorization Framework"
From Gcube Wiki
Lucio.lelii (Talk | contribs) (→Configuration Overview) |
Lucio.lelii (Talk | contribs) |
||
| Line 1: | Line 1: | ||
The gCube Authorization framework is a token based authorization system in a gCube-based infrastructure. | The gCube Authorization framework is a token based authorization system in a gCube-based infrastructure. | ||
| + | This framework in compliant with the Attribute-based access control (ABAC) that defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. | ||
== Token based authorization == | == Token based authorization == | ||
Revision as of 14:43, 3 February 2016
The gCube Authorization framework is a token based authorization system in a gCube-based infrastructure. This framework in compliant with the Attribute-based access control (ABAC) that defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together.
Token based authorization
The token is a meaningless string generated on request by the Authorization service for every entity belonging to the gCube-infrastructure (users or services). The token is passed in every call and is automatically propagated in the lower layers.
Configuration Overview
The service runs on a smartgears node.
It relies on a postgresSQL instance to store the created tokens.
