Can somebody tell me what the "use authentication" feature in SDS does? For example, what resources does it secure? Does it secure access of the html pages when viewing jnlps/curnits/offerings/users/workgroups via the browser, or does it secure access of REST API calls? Or is it something else?
Does authentication currently work in either cases? I tried enabling authentication on portal 17, and I was able to access the portal 17's resources via the browser and via REST GET commands. Also, I can just as easily disable authentication on portal 17 (it didn't ask me to authenticate to change the settings). It looks like anybody can enable/disable authentication on any portal right now. Currently, if a student knows the url saildataservice.concord.org, he/she can run any project in any portal realm in the SDS. This is not ideal. Thanks, Hiroki --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "SAIL-Dev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/SAIL-Dev?hl=en -~----------~----~----~----~------~----~------~--~---
