[Hawkular-dev] What are your Authentication and Authorization needs?
Lucas Ponce
lponce at redhat.com
Mon Apr 25 03:31:56 EDT 2016
----- Mensaje original -----
> De: "Juraci Paixão Kröhling" <jpkroehling at redhat.com>
> Para: "Lucas Ponce" <lponce at redhat.com>, "Discussions around Hawkular development" <hawkular-dev at lists.jboss.org>
> Enviados: Lunes, 25 de Abril 2016 9:22:21
> Asunto: Re: [Hawkular-dev] What are your Authentication and Authorization needs?
>
> On 25.04.2016 09:13, Lucas Ponce wrote:
> > For alerting, all model is tenant-based, and I don't see that aspect is
> > going to change (or we can change it without a major refactor).
>
> There won't be any more tenancy information coming from Accounts,
> because there won't be any tenancy information coming to Accounts :) I'm
> afraid you'd have to change it.
>
> > So, no new security requeriments from this component, internally we work
> > with the tenant that is translated from hawkular accounts (or taken from a
> > header in standalone scenarios).
>
> Your clients (MiQ, Ruby gem, UI, ...) will have to know about tenants
> and send it to Alerts on the payload. Accounts won't touch it.
>
> If you (and other components) *require* tenancy information for some
> concrete use case, we might discuss how we could handle it in a common
> way to all components. Otherwise, I'd just assume that the same
> requirement you had for multi tenancy went away when the requirement for
> multi tenancy on Accounts went away.
>
> - Juca.
>
So, if I interpret correctly, it seems that the change will be that we should handle the tenant aspect explictly as we do for standalone scenarios.
Well, that's not a big change at all, I think we covered that usecase with the Hawkular-Tenant header.
More information about the hawkular-dev
mailing list