Difference between revisions of "Auth Portlet"

From Gcube Wiki
Jump to: navigation, search
(Introduction)
(Insert/Modify a Policy)
 
(23 intermediate revisions by 2 users not shown)
Line 5: Line 5:
 
==Introduction==
 
==Introduction==
  
With this portlet it’s possible to create a policy to deny access to services in the current context.
+
With this portlet it’s possible to create a policy to deny access for a user or group of users to a service or group of services in a specific context.
  
Below it is shown the overall layout of the Auth Portlet:
+
''Below it is shown the overall layout of the Auth Portlet''
  
[[Image:AuthPortlet_List.png|800px|center|Auth Portlet Overall]]
+
[[Image:AuthPortlet_List_Detail.png|80%|center|Auth Portlet Overall]]
  
==Insert a Policy==
+
Every policy is consisting of:
 +
#one or more Caller
 +
#Service
 +
#Access
  
  
 +
'''The caller''' can be an User, a Role or a Service and you can insert one or more callers for each policy.
  
[[Image:AuthPortlet_InsertPopUp.png|500px|center|Auth Portlet Insert a Policy]]
+
''(The insertion of a policy with more callers results as more policy).''
  
==Search a Policy==
+
'''The service ''' is specified as service class, service name and service id.
  
 +
'''The access ''' that we want to deny can be: 
  
[[Image:AuthPortlet_Filter.png|800px|center|Auth Portlet Filter a Policy]]
+
*All
 +
*Access
 +
*Delete
 +
*Execute
 +
*Write
  
 +
==Insert/Modify a Policy==
 +
 +
For insert a policy we can add one or more Caller, one service and access type.
 +
 +
The insertion of a caller can be made with an autocomplete writing in the input, or clicking the button Add User role or add service, that opens a pop-up to insert more things.
 +
 +
We can create a policy that inserts all users or all role with  the specific button “All Users” or “All Role”
 +
 +
The insertion of a caller can be made  with complete  input text , or clicking  button “Add User/ Role” or “Add Service” to open a pop up for multiple entry.
 +
 +
The insertion with an autocomplete can be made with the insertion of a first controlled character:
 +
 +
*if you insert a user, you can digit @ for see all users
 +
*if you insert a role, you can digit # for see all roles
 +
*if you want insert a service, you can digit $ for see all the services.
 +
 +
 +
[[Image:AuthPortlet_InsertPopUp.png|100%|center|Auth Portlet Insert a Policy]]
 +
 +
The selection of the service and the access type It’s done with a selected dropdown
 +
 +
We can insert a policy that allows the use of a service only to one or more caller, selecting the combination ALL Users/All role and Except.
 +
 +
In this case, the callers, entered in input text, are enabled to access a service.
 +
 +
For an existing policy, you can change only the service and the access type.
 +
 +
==Search a Policy==
 +
It Is possible to search, filter and group by all policy.
 +
 +
 +
[[Image:AuthPortlet_Filter_detail.png|100%|center|Auth Portlet Filter a Policy]]
 +
  
 
[[Image:AuthPortlet_Filter_bar.png|300px|center|Auth Portlet Search a Policy]]
 
[[Image:AuthPortlet_Filter_bar.png|300px|center|Auth Portlet Search a Policy]]
 +
 +
If we want to search a caller, we can digit @ before inserting a name of the caller.
 +
 +
If we want to search a service, we can digit $ before inserting a name of the service.
 +
 +
And finally if we want to search an access, we can digit * before inserting a type of an access.
 +
 +
The filter can be incremental.
  
  
 
[[Image:AuthPortlet_Filter_search.png|800px|center|Auth Portlet Search a Policy]]
 
[[Image:AuthPortlet_Filter_search.png|800px|center|Auth Portlet Search a Policy]]
  
 +
 +
Over the filter we can organize a policy in caller type, for example user, role and service
  
 
[[Image:AuthPortlet_Filter_group.png|200px|center|Auth Portlet Group a Policy]]
 
[[Image:AuthPortlet_Filter_group.png|200px|center|Auth Portlet Group a Policy]]
  
 
==Delete a Policy==
 
==Delete a Policy==
 +
 +
It’s possible to delete one or more policies simply clicking on the delete button.
  
 
[[Image:AuthPortlet_Delete_popup_check.png|413px|center|Auth Portlet Example Delete check a Policy]]
 
[[Image:AuthPortlet_Delete_popup_check.png|413px|center|Auth Portlet Example Delete check a Policy]]

Latest revision as of 15:18, 5 October 2016

Introduction

With this portlet it’s possible to create a policy to deny access for a user or group of users to a service or group of services in a specific context.

Below it is shown the overall layout of the Auth Portlet

Auth Portlet Overall

Every policy is consisting of:

  1. one or more Caller
  2. Service
  3. Access


The caller can be an User, a Role or a Service and you can insert one or more callers for each policy.

(The insertion of a policy with more callers results as more policy).

The service is specified as service class, service name and service id.

The access that we want to deny can be:

  • All
  • Access
  • Delete
  • Execute
  • Write

Insert/Modify a Policy

For insert a policy we can add one or more Caller, one service and access type.

The insertion of a caller can be made with an autocomplete writing in the input, or clicking the button Add User role or add service, that opens a pop-up to insert more things.

We can create a policy that inserts all users or all role with the specific button “All Users” or “All Role”

The insertion of a caller can be made with complete input text , or clicking button “Add User/ Role” or “Add Service” to open a pop up for multiple entry.

The insertion with an autocomplete can be made with the insertion of a first controlled character:

  • if you insert a user, you can digit @ for see all users
  • if you insert a role, you can digit # for see all roles
  • if you want insert a service, you can digit $ for see all the services.


Auth Portlet Insert a Policy

The selection of the service and the access type It’s done with a selected dropdown

We can insert a policy that allows the use of a service only to one or more caller, selecting the combination ALL Users/All role and Except.

In this case, the callers, entered in input text, are enabled to access a service.

For an existing policy, you can change only the service and the access type.

Search a Policy

It Is possible to search, filter and group by all policy.


Auth Portlet Filter a Policy


Auth Portlet Search a Policy

If we want to search a caller, we can digit @ before inserting a name of the caller.

If we want to search a service, we can digit $ before inserting a name of the service.

And finally if we want to search an access, we can digit * before inserting a type of an access.

The filter can be incremental.


Auth Portlet Search a Policy


Over the filter we can organize a policy in caller type, for example user, role and service

Auth Portlet Group a Policy

Delete a Policy

It’s possible to delete one or more policies simply clicking on the delete button.

Auth Portlet Example Delete check a Policy


Auth Portlet Delete a Policy