
Authentication Authorization

samatrhea edited this page Jul 31, 2023 · 3 revisions

Authentication and Authorization

CDP4-COMET uses Role-Based Access Control. A Person, which is the type used to describe a user in CDP4-COMET, is assigned a Role that permits the user to access data based on the Permissions that are associated with this Role. The CDP4-COMET Database is used to store and retrieve the known users as well as the different kinds of Roles that exist in the system. Authorization is fully managed by CDP4-COMET itself. Authentication, however, can be offloaded to a different system.

Authentication and Authorization are not the same. Authentication is a mechanism used to determine the identity of a user, often based on a secret (e.g. a password). Authorization is a mechanism used to determine what a user is allowed to do. Usually a user is first authenticated, after which the authorization is determined.

The CDP4-COMET Web Services make use of Basic Authentication and Cookie-Based Authentication.

Authentication Plugin Architecture

CDP4-COMET provides a plugin mechanism to enable different means of authentication. Currently 2 systems are supported: CDP4-COMET Authentication and LDAP Authentication.

COMET Database Authentication

More information coming soon

LDAP Authentication

LDAP Authentication is only available with the Enterprise Edition.