----- Mensaje original -----
De: "Juraci Paixão Kröhling"
Para: "Lucas Ponce" <lponce(a)redhat.com>, "Discussions around
Hawkular development" <hawkular-dev(a)lists.jboss.org>
Enviados: Lunes, 25 de Abril 2016 9:22:21
Asunto: Re: [Hawkular-dev] What are your Authentication and Authorization needs?
On 25.04.2016 09:13, Lucas Ponce wrote:
> For alerting, all model is tenant-based, and I don't see that aspect is
> going to change (or we can change it without a major refactor).
There won't be any more tenancy information coming from Accounts,
because there won't be any tenancy information coming to Accounts :) I'm
afraid you'd have to change it.
> So, no new security requeriments from this component, internally we work
> with the tenant that is translated from hawkular accounts (or taken from a
> header in standalone scenarios).
Your clients (MiQ, Ruby gem, UI, ...) will have to know about tenants
and send it to Alerts on the payload. Accounts won't touch it.
If you (and other components) *require* tenancy information for some
concrete use case, we might discuss how we could handle it in a common
way to all components. Otherwise, I'd just assume that the same
requirement you had for multi tenancy went away when the requirement for
multi tenancy on Accounts went away.
So, if I interpret correctly, it seems that the change will be that we should handle the
tenant aspect explictly as we do for standalone scenarios.
Well, that's not a big change at all, I think we covered that usecase with the