I am using IoT platform as an example. Same scenarios applies for other use cases as well.
What we need 1. User Ann, logs into her IoT platform and registers a device 2. IoT platform collects the data from the device and send the data to DAS 3. DAS stores that data under Ann’s account 4. Ann needs to be able to log into IoT platform and see gadgets for her devices. At the same time, those gadgets cannot be seen by other users. If the gadget is a common gadget for all the users. Gadget will show relevant data based on the logged in user. 5. Ann logs into DAS create a gadget that uses data from her devices 6. Then she share that gadget with the user Smith. 7. User Smith come and access the gadget. Currently in DAS, when publishing data, users can login as a tenant. That data will be stored under a table assigned to that tenant. ( we append the tenant name to the table name and handles that transparently). Any user within the current tenant can access that data published to the same tenant. Above scenarios have following problems. 1. When publishing data to DAS, IoT platform should either login as Ann, or need to publish data as a “system” user. Logging in as Ann is not desirable because then the IoT server has to store the user name passwords of Ann ( hence all it’s users). 2. If system user is used, when Ann access the inbuilt gadgets, the Gadget needs to talk to DAS using “system” user. Hence, Gadget configurations needs to save system user user name and passwords. Furthermore, gadget needs to check permissions for Ann before giving her access to Gadget. ( do we support gadget level permissions?) However, sharing “system” user allow her to access data of other users as well. 3. It is not possible for Ann to develop her own gadget without getting access to the “system” account used to publish data to DAS. However, sharing “system” user allow her to access data of other users as well. Potential Solutions I think we should go for a taken based approach (e.g. OAuth) to handle these scenarios. Following are few ideas 1. Using a token ( Ann attesting system user can do publish/ access to this stream on her behalf), Ann let the “system user“ publish data into Ann’s account 2. When we give user Smith access to a gadget, we generate a token, which he will send when he is accessing the gadget, which the gadget will send to the DAS backend to get access to correct tables 3. Same token can be used for API access as well 4. We need to manage the tokens issued to each user so this happen transparently to the end user as much as possible. Of course, above is only a high level sketch. However, I am sure we can figure out the details. Thanks Srinath Content is in the doc, https://docs.google.com/document/d/1qBj5uvzLdALoORmeAwldou4O6uE8ZYR7DZ6djBt7yIw/edit -- ============================ Blog: http://srinathsview.blogspot.com twitter:@srinath_perera Site: http://people.apache.org/~hemapani/ Photos: http://www.flickr.com/photos/hemapani/ Phone: 0772360902
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
