| 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 <2021> 2022 2023 2024 2025 | Index | 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 <2021> 2022 2023 2024 2025 |
| <== Date ==> | <== Thread ==> |
|---|
| Subject: | Re: [EXTERNAL] What is the best (and simple) way to implement security in a Phoebus solution? |
| From: | Oscar Ibañez via Tech-talk <tech-talk at aps.anl.gov> |
| To: | "Kasemir, Kay" <kasemirk at ornl.gov>, "tech-talk at aps.anl.gov" <tech-talk at aps.anl.gov> |
| Date: | Wed, 21 Apr 2021 21:43:34 +0200 |
Hi Mr. Kay, Thank you very much for you answer.This is the kind of orientation that I needed. Anyway, I have answered another user's message requesting more information about my problem. However, and taking into account what you have told me, it seems that the avaliable solutions are limited.
Best, Óscar El 21/04/2021 a las 14:19, Kasemir, Kay escribió:
Is there any recomendable solution to implement username authentication in Phoebus? I mean, some kind of solution to save critical information (password hash?) that, then, it will be used to authenticate an user.Phoebus itself doesn't perform authentication. It depends on the full power of the operating system and simply accepts the current user as an authenticated user. We do support authorization so you can for example enable/disable certain features in your code based on the current user, see online help https://control-system-studio.readthedocs.io/en/latest/authorization.html There is also a SecureStore class based on the standard Java KeyStore that can be used to store name/value pairs, but it only offers weak protection when you use it with the default, code-generated password, see https://github.com/ControlSystemStudio/phoebus/blob/master/core/security/src/main/java/org/phoebus/security/store/SecureStore.java -Kay