Difference between revisions of "SOA3 User Management Module"
m (Created page with '{| align="right" ||__TOC__ |} == Overview == User Management Module is SOA3 utility for managing user, groups and role information. It gives the possibility to perform CRUD ope…') |
(→Overview) |
||
Line 5: | Line 5: | ||
== Overview == | == Overview == | ||
− | User Management Module is SOA3 utility for managing | + | User Management Module is SOA3 utility for managing users, groups and roles information. It gives the possibility to perform CRUD operations locally and remotely on diverse data sources. |
=== Key features === | === Key features === |
Revision as of 12:43, 22 March 2012
Overview
User Management Module is SOA3 utility for managing users, groups and roles information. It gives the possibility to perform CRUD operations locally and remotely on diverse data sources.
Key features
- Extensibility
- the module is composed by a core defining the most general operations, and diverse implementations modules to communicate with different data sources. Currently an LDAP and a Liferay based implementations are available, but it is possible to add further implementations
- Multiple interfaces
- the core and the implementations are available as Java Libraries to be integrated with the software managing the data. Otherwise a RESTful interface is available to deploy the module as a standalone web service
- High performance
- in particular using an LDAP directory, which is the suggested solution
Design
Philosophy
The architecture has been conceived as modular in order to obtain the maximum extensibility. In other words, after established the set of operations by which it is possible to efficiently manage users, groups and roles, the storage based implementations has been kept distinguished. This allows improvement and manageability of every single storage connector, and the possibility to add connectors to further data sources. SOAP and REST web interfaces give more than a possibility to manage users remotely.
Architecture
- UserManagement core provides the core CRUD operations for managing users, groups and roles information. In particular it exposes operation to:
- create, read, update and delete users and user attributes
- create, read, update and delete groups and groups attributes
- create, read, update and delete groups and groups attributes
- associate roles to an user
- associate users to a group
- LDAP Interface is the configurable module to use an LDAP directory as data source
- Liferay Interface is a library for accessing Liferay 6.0.6 Portal [1] API for managing Liferay user list
- Web Services Interface, SOAP and RESTful exposes User Management core operations as web services
Deployment
Since User Management Module needs to be associated to a data source (LDAP or Liferay database), the single option is to deploy the module at infrastructure level. It should be contacted by SOA3 authorization module in order to load attributes. The following picture shows the deployment:
Use Cases
User Management module covers different use cases inside gCube infrastructure.
Well suited Use Cases
It is possible to distinguish two use case categories:
- portal related use cases
- security related use cases
Portal related use cases concern the Portlets which needs the easy access to users related information. The current production implementation uses Liferay database and is integrated in the portal: in this case user management core is directly called by Portlets in order to access required information. The final decoupled deployment expects to be contacted only by web service: anyway the functionalities are the same.
Security related use cases involve SOA3 internal functionalities. In particular SOA3 Authorization Module could have to access user data in order to obtain some attributes for taking authorization decisions.
Dynamic load of user attributes could be useful also for accounting or SLA management purposes.
Less well suited Use Cases
Describe here scenarios where the subsystem partially satisfied the expectations.