Difference between revisions of "Token generator"
(→gCube Token Portlet) |
|||
Line 4: | Line 4: | ||
The gCube Authorization Framework <ref>[https://wiki.gcube-system.org/gcube/Authorization_Framework Authorization Framework]</ref> is based on the concept of Token. A token is basically a random string which encapsulates some information. Two of them are: who's the owner (i.e., the username) of the token and for which context (VO/VRE) that token is valid. The token generator portlet allows users to manage their tokens. It can be used for: | The gCube Authorization Framework <ref>[https://wiki.gcube-system.org/gcube/Authorization_Framework Authorization Framework]</ref> is based on the concept of Token. A token is basically a random string which encapsulates some information. Two of them are: who's the owner (i.e., the username) of the token and for which context (VO/VRE) that token is valid. The token generator portlet allows users to manage their tokens. It can be used for: | ||
* retrieving the context token (i.e. the token of the logged user for the context in which the portlet is deployed); | * retrieving the context token (i.e. the token of the logged user for the context in which the portlet is deployed); | ||
− | * | + | * generating qualified token(s); |
− | * | + | * generating application tokens. |
It is deployed in almost all Infrastructure's context. In the following, further information about ''qualified'' and ''application'' tokens are reported too. | It is deployed in almost all Infrastructure's context. In the following, further information about ''qualified'' and ''application'' tokens are reported too. | ||
Latest revision as of 22:32, 21 November 2016
Contents
gCube Token Portlet
The gCube Authorization Framework [1] is based on the concept of Token. A token is basically a random string which encapsulates some information. Two of them are: who's the owner (i.e., the username) of the token and for which context (VO/VRE) that token is valid. The token generator portlet allows users to manage their tokens. It can be used for:
- retrieving the context token (i.e. the token of the logged user for the context in which the portlet is deployed);
- generating qualified token(s);
- generating application tokens.
It is deployed in almost all Infrastructure's context. In the following, further information about qualified and application tokens are reported too.
Retrieve the security token
The token for each context is automatically created for you. So, the only thing you can do is to retrieve it by using the portlet
Push on the show button to see it together with your current username.
Generate a qualified security token
Starting from gCube release 4.1, a new functionality is available: qualified tokens creation. A qualified token is nothing more than a labeled token, where a label must be a single meaningful word (composed only by alphanumeric characters). You are not allowed to create more than a given number of qualified tokens per scope. The following screenshots show you the steps needed to create a qualified token testQualifier. Push on the Advanced button, and on the Qualified Token one
Now you can insert a qualifier for the token you are going to create
Push on the generate button and if your request succeeds the new qualifier is added to the listbox
Now you can retrieve the token associated to the qualifier just selecting the qualifier itself. Hide the advanced panel and the token of the current context is shown again.
Generate an application security
Starting from gCube release 4.2, a new functionality is available: application tokens creation. An application token is a special token bound to an application identifier (e.g., 'OBIS', 'SmartArea', 'FishBase'), apart a username and a context. The following screenshots show you the steps needed to create an application token for the application FishBase. Open the advanced panel and push on the button App Token. Insert the application identifier
Then click on the Generate button, if all goes ok the generated token is show as below