Bug #5821
openAllow certificate-based Metacat administration
0%
Description
As we move toward the DataONE API where the MN does not provide identity and authorization services, perhaps the Metacat administrative functions should also follow suit. This would be a pretty large change for our users, but ultimately will simplify things so that we are not using two different identity/auth schemes to manage a single server.
In cases where the Metacat administrator did not have a useable (CILogon) identity we cold provide a utility to generate a client certificate for administrative use (or something akin to this). Ultimately this would need to be available in a browser UI where the bulk of our admin/config is performed.
Related issues
Updated by ben leinfelder about 11 years ago
We could probably have the LDAP and certificate-based auth schemes coexist for some time. Would take some doing in the main request handlers to figure out exactly what the request was carrying and whether or not to trust it, but I have hope for this approach in the interim as we deprecate the Metacat API.
Updated by ben leinfelder almost 11 years ago
- Target version changed from 2.1.0 to 2.2.0
Updated by ben leinfelder over 10 years ago
- Target version changed from 2.2.0 to 2.2.1
Updated by ben leinfelder over 10 years ago
- Target version changed from 2.2.1 to 2.4.0
Updated by ben leinfelder about 10 years ago
- Target version changed from 2.4.0 to 2.5.0
Updated by ben leinfelder almost 10 years ago
- Target version changed from 2.5.0 to 2.x.y