In conversations I've had on my projects there have been questions of how things are secured through the console. There are a couple of things that exist today and then there are some ideas that I would like to get feedback on.

What is there today?

1. If your Blur cluster is set up to use security on the data through the UserContext paradigm, then in blur-site.config you can set up a config value that points to a JSON file with the properties needed for data to come back. The drawback with this is that there is only one possible user and all "users" of the console are sharing that configured user.
2. Access to the console can be restricted, as it is assumed that the console will run on a controller node and you could lock down access to the port running the console.

Other ideas that have come up:

1. Changing the JSON file to allow the creation of multiple users and having the UI have the ability to switch users. This gives the ability to see the data from different real-life access control definitions, but all console users still have access to everything.
2. Set up some sort of user state (maybe through pluggable providers) and then true logins can be created to the console with permissions defined by the provider implementation.

Thoughts?

Chris
