Hi guys,
it takes some days until I analyzed all the mails when we discussed about a better access control including such things like 4-eyes-principle. Additionally to this we have the problem that the batch functions include often the same code like the commands and we want a commandline (cron) interface which could potentially result in the next code duplication.
If we need more than one approval for an action then we have several classes of function:
- workflow function (e.g. editCSR, approveCSR) - object creation function (e.g. basic_csr, issueCert) - handling function (e.g. ldapUpdateCerts) - view and list functions
No model today matchs all requirements. I think this access control or voting functionality is not more than a new layer and we have a strong problem because we have actually no good seperation between GUI and functional code. I would propose something like this
GUI code --> access control / execution code --> OpenCA API
So I think we should rise the priority for the OpenCA API. Before we start discussing the API itself we should think about the design of this mechanism. So I make here a first proposal (there is no code or other documents on this - only ideas :) )
1. The GUI or whatever creates the followoing stuff
- old object or hash (depends on the table)
- old object state (only important for objects)
- hash with parameters
- function of the API2. The UI sends the stuff to an execution engine. This engine checks the required approvals on this action. If all is ok then it invokes the API function. If something is missing then it writes the stuff to the database:
- serialized_old_object
- old_state
- object_type
- serialized_hash
- api_function
If we need an additonal approval then the approval is send to the execution engine and the engine de-serialize the stuff from the database and continues with step 2.
If this design is acceptable then we have several problems:
1. error handling
2. CA, batch and other private key and passphrase handling
3. output handling
4. the authentication part of the access control is UI dependend
--> OpenCA::AC::AUTH::CGI + OpenCA::AUTH::Unix
--> OpenCA::AC::Policy (this is the old access control list which must be replaced by the API functions)
I think I should stop here to allow first a discussion about the basic principles before we start coding. Perhaps some others have better ideas or more experience on such stuff. I only used the default straight forward method ;)
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
