Difference between revisions of "Security Configuration"

From FMR Knowledge Base
Jump to navigation Jump to search
(Security Overview)
(Security Overview)
Line 1: Line 1:
 
== Security Overview ==
 
== Security Overview ==
  
Security in the Fusion Registry is split into two distinct functions, '''Authentication''' and '''Authorisation'''.  Authentication is the process of ensuing user credentials match up against a valid user account, and then loading the user details into the session.  Authorisation is the process of ensuring a user is allowed to perform the action they are trying to perform.
+
Security is split into two distinct functions: User '''Authentication''' and User '''Authorisation'''.  Authentication is the process of ensuing the provided user credentials match up against a valid user account.  Authorisation is the process of ensuring a user is allowed to perform the action they are trying to perform.
  
The Fusion Registry has a single in built account for the root user, this is set up on installation.
+
The Fusion Registry only provides Authentication services for two types of user; the [[Fusion Registry Root]] user, and [[Fusion Reporting Node]] users. Authentication for other users are provided by either:
  
In order to support additional users, the Fusion Registry can link to an external Authentication Server, this may be [[Fusion Security]] or Microsoft Active Directory.
+
* [[Fusion Security]] Web Server
 +
* [[Active Directory]] via LDAP
 +
* Apache Tomcat via [[Certificate Authentication]]
  
 
+
Once a user is Authenticated, the relevant User Account is loaded into the session, and the Fusion Registry uses its security model and rules to '''authorise''' the user is allowed to access the resource.
In Addition to the root user, additional users can log in
 
 
 
The Fusion Registry
 
 
 
provides a number of methods for user Authentication, they are:
 
 
 
* Use the Fusion Security Web Server to Authenticate Users
 
* Use Active Directory to Authenticate Users
 
* Use Certificate Authentication
 
 
 
The use of an external Authentication Server
 
  
 
== Authentication ==
 
== Authentication ==

Revision as of 10:01, 28 April 2019

Security Overview

Security is split into two distinct functions: User Authentication and User Authorisation. Authentication is the process of ensuing the provided user credentials match up against a valid user account. Authorisation is the process of ensuring a user is allowed to perform the action they are trying to perform.

The Fusion Registry only provides Authentication services for two types of user; the Fusion Registry Root user, and Fusion Reporting Node users. Authentication for other users are provided by either:

Once a user is Authenticated, the relevant User Account is loaded into the session, and the Fusion Registry uses its security model and rules to authorise the user is allowed to access the resource.

Authentication

Fusion Security

Active Directory

Certificate

Authorization