<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Dec 3, 2013 at 3:42 PM, Lucas Holmquist <span dir="ltr"><<a href="mailto:lholmqui@redhat.com" target="_blank">lholmqui@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div class=""><div class="h5"><br>
On Dec 3, 2013, at 6:21 AM, Bruno Oliveira <<a href="mailto:bruno@abstractj.org">bruno@abstractj.org</a>> wrote:<br>
<br>
> Hi Sebi, few comments inline.<br>
><br>
> On December 3, 2013 at 8:54:22 AM, Sebastien Blanc (<a href="mailto:scm.blanc@gmail.com">scm.blanc@gmail.com</a>) wrote:<br>
>><br>
>> Hi,<br>
>> I wanted to start a fresh new thread about user management in the Unified<br>
>> Push Server, please check below the proposition I made for the next release<br>
>> (0.10.0) , feel free to comment / ask questions etc ...<br>
>><br>
>> (<a href="https://gist.github.com/sebastienblanc/6547605" target="_blank">https://gist.github.com/sebastienblanc/6547605</a>)<br>
>> User Management for the Aerogear Unfied Push<br>
>> Server<br>
>> Introduction<br>
>><br>
>> The goal of this document is to describe how the User Management will be<br>
>> implemented in the Unified Push Server. Currently there is only one user<br>
>> created by default when installing UPS. Having the possibility to create<br>
>> multiple users is a "Must Have" and should be manageable from the Admin<br>
>> Console. Some roles should also be introduced<br>
>> Roles /<br>
>> Permissions<br>
>><br>
>> There will be 3 different roles in this first version :<br>
>><br>
>> - *Admin* : The Admin is like the super-user, it can access all the<br>
>> features of UPS including the creation of users.<br>
>> - *Developer* : The developer can create/read/update and delete<br>
>> Applications/variants.<br>
>> - *viewer* : Can only 'Read', can be useful for monitoring apps (or for<br>
>> the future UPS Forge Plugin).<br>
><br>
> Here the Developer role will be able to reset user’s password? Or his own password?<br>
><br>
>><br>
>> Role / actionCreateUpdateReadDeleteReset pwdUser MngtAdminXXXXXXDeveloperXXX<br>
>> XXViewer X<br>
>> User<br>
>> management flow<br>
>><br>
>> An Admin can create new user by providing a loginName. This will be<br>
>> possible through :<br>
>><br>
>> - The console<br>
>> - The REST service<br>
>><br>
>> Password<br>
>> Management<br>
>><br>
>> At creation, the user will have a default password , i.e 123.<br>
><br>
> I think here is the problem which we can’t delay anymore. At the creation we should probably send an e-mail with the encrypted url for the password setup.<br>
><br>
> Is not the same thing, but the url approach can be something similar to what SP does to register channels.<br>
<br>
</div></div>i'm not sure we should put the email functionality in the UPS, but we could have a "create a secure link" option that the admin can then email out<br></blockquote><div><br></div><div style="font-family:arial,sans-serif;font-size:12.800000190734863px">
<br></div><div> </div><div><br></div><div style="font-family:arial,sans-serif;font-size:12.800000190734863px">Stop me if I'm completely wrong but could we use our own cryptobox for this, I was thinking of this : <a href="https://github.com/aerogear/aerogear-crypto-java/blob/master/src/test/java/org/jboss/aerogear/crypto/CryptoBoxTest.java#L111" target="_blank">https://github.com/aerogear/aerogear-crypto-java/blob/master/src/test/java/org/jboss/aerogear/crypto/CryptoBoxTest.java#L111</a></div>
<div style="font-family:arial,sans-serif;font-size:12.800000190734863px"><br></div><div style="font-family:arial,sans-serif;font-size:12.800000190734863px">Which could be (again pardon my newbiness) : </div><div style="font-family:arial,sans-serif;font-size:12.800000190734863px">
<br></div><div style="font-family:arial,sans-serif;font-size:12.800000190734863px"><pre style="white-space:pre-wrap;line-height:12.800000190734863px;width:744px;font-size:12px;margin-bottom:0px;font-family:Consolas,'Liberation Mono',Courier,monospace;margin-top:0px;padding:0px">
<div><span style="color:rgb(153,153,136);font-style:italic">//when generating the link</span></div><div><span style="color:rgb(51,51,51)">CryptoBox</span> <span style="color:rgb(51,51,51)">cryptoBox</span> <span style="font-weight:bold">=</span> <span style="font-weight:bold">new</span> <span style="color:rgb(51,51,51)">CryptoBox</span><span style="font-weight:bold">(</span><span style="font-weight:bold">new</span> <span style="color:rgb(51,51,51)">PrivateKey</span><span style="font-weight:bold">(</span><span style="color:rgb(51,51,51)">UPS_SECRET_KEY</span><span style="font-weight:bold">));</span></div>
<div><span style="color:rgb(68,85,136);font-weight:bold">byte</span><span style="font-weight:bold">[]</span> <span style="color:rgb(51,51,51)">IV</span> <span style="font-weight:bold">=</span> <span style="color:rgb(51,51,51)">HEX</span><span style="font-weight:bold">.</span><span style="color:teal">decode</span><span style="font-weight:bold">(</span><span style="color:rgb(51,51,51)">CRYPTOBOX_IV</span><span style="font-weight:bold">);</span></div>
<div><span style="color:rgb(68,85,136);font-weight:bold">byte</span><span style="font-weight:bold">[]</span> <span style="color:rgb(51,51,51)">cipherText</span> <span style="font-weight:bold">=</span> <span style="color:rgb(51,51,51)">cryptoBox</span><span style="font-weight:bold">.</span><span style="color:teal">encrypt</span><span style="font-weight:bold">(</span><span style="color:rgb(51,51,51)">IV</span><span style="font-weight:bold">,</span> <span style="color:rgb(51,51,51)">loginName</span><span style="font-weight:bold">.</span><span style="color:teal">getBytes</span><span style="font-weight:bold">());</span></div>
<div> </div><div><span style="font-weight:bold">return</span> <span style="color:rgb(221,17,68)">"<a href="http://blabla/ag-push/register" target="_blank">http://blabla/ag-push/register</a>?"</span> <span style="font-weight:bold">+</span> <span style="color:rgb(51,51,51)">cipherText</span><span style="font-weight:bold">;</span></div>
<div> </div><div> </div><div><span style="color:rgb(153,153,136);font-style:italic">//when the link is called</span></div>
<div><span style="color:rgb(51,51,51)">CryptoBox</span> <span style="color:rgb(51,51,51)">pandora</span> <span style="font-weight:bold">=</span> <span style="font-weight:bold">new</span> <span style="color:rgb(51,51,51)">CryptoBox</span><span style="font-weight:bold">(</span><span style="font-weight:bold">new</span> <span style="color:rgb(51,51,51)">PrivateKey</span><span style="font-weight:bold">(</span><span style="color:rgb(51,51,51)">UPS_SECRET_KEY</span><span style="font-weight:bold">));</span></div>
<div><span style="color:rgb(68,85,136);font-weight:bold">byte</span><span style="font-weight:bold">[]</span> <span style="color:rgb(51,51,51)">message</span> <span style="font-weight:bold">=</span> <span style="color:rgb(51,51,51)">pandora</span><span style="font-weight:bold">.</span><span style="color:teal">decrypt</span><span style="font-weight:bold">(</span><span style="color:rgb(51,51,51)">IV</span><span style="font-weight:bold">,</span> <span style="color:rgb(51,51,51)">cipherText</span><span style="font-weight:bold">);</span></div>
<div><span style="color:rgb(51,51,51)">String</span> <span style="color:rgb(51,51,51)">loginName</span> <span style="font-weight:bold">=</span> <span style="color:rgb(51,51,51)">RAW</span><span style="font-weight:bold">.</span><span style="color:teal">encode</span><span style="font-weight:bold">(</span><span style="color:rgb(51,51,51)">message</span><span style="font-weight:bold">);</span></div>
</pre></div><div><span style="color:rgb(153,153,136);font-style:italic;font-family:Consolas,'Liberation Mono',Courier,monospace;font-size:12px;line-height:12.800000190734863px;white-space:pre-wrap">//Do stuff with the loginName</span> </div>
<div><br></div><div><br></div><div style>Then the question is about the private key, how do I store it / generate it ? Should I use the Java Keystore class <a href="http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html">http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html</a> ? </div>
<div style><br></div><div style><br></div><div style><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div class=""><div class="h5"><br>
><br>
>> First Login<br>
>><br>
>> When logging in for this first time, the new created user will be prompted<br>
>> to change his password.<br>
><br>
> Same thing there, I think users should be able to reset their own password.<br>
><br>
>> Reset<br>
>> Password Instruction<br>
>><br>
>> If a user wants to reset his password, he has to request it manually<br>
>> (email, post pigeon ...) to an admin. The password will be again the<br>
>> default one and the user will have to change it again when logging in.<br>
>> Scope<br>
>> of the current permissions<br>
>><br>
>> Currently, a authenticated user can see all the applications / variants /<br>
>> installations, no matter he is the author or not. There is also no concept<br>
>> of groups, that may come in the future releases.<br>
>> Security<br>
>> Implementation<br>
>><br>
>> Currently, it would be possible to implement this using<br>
>> Aerogear-Security-Picketlink and with some raw Picketlink :<br>
>><br>
>> - Login / Logout / Registration : AG-Security offers all we need<br>
>> - Roles and permissions : AG-Security offers a secures annotation that<br>
>> can be used to protect the endpoints.<br>
>><br>
>> I know there are some concerns about this last points (Role escalation etc<br>
>> ...) and would like to have advice / feedback on what is acceptable /<br>
>> doable for the 0.10.0 release (15/01).<br>
>> _______________________________________________<br>
>> aerogear-dev mailing list<br>
>> <a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
>> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
><br>
> --<br>
> abstractj<br>
><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
> <a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
<br>
</div></div></blockquote></div><br></div></div>