Authentication and authorization access can be enabled in STageR to restrict use of the REST APIs through HTTPS connections using valid client certificates.

To enable secure access, the application requires a valid server certificate/private key for the server hosting STageR (registered to the name of the server) and the certificate authority (CA) certificate. Client applications will require a valid client certificate issued by the certificate authority. Authorized client certificates need to be registered through the security API.

Configuration

Specify the certificate configuration and the client certificate name of the default administration user under the secure configuration property.

{
  ...,
  secure: {
    adminUser: 'TestUser',
    keyLocation: 'config/sslcerts/server/server.key',
    certLocation: 'config/sslcerts/server/server.crt',
    caLocation: 'config/sslcerts/ca/ca.crt',
    passphrase: '123456',
    requestCert: true,
    rejectUnauthorized: false
  },
  ...
}

The adminUser has all permission rights over the administration and security APIs; it can add new administration users and assign user permissions (read/write) to different Storage Units through the security API.
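The configuration above sets requestCert: true with rejectUnauthorized: false, so the per-request check is what actually enforces access. The following is an added example, not STageR's own code, of that check. It assumes the two options are passed to Node's https/tls server, that users are matched on the certificate common name, and that the registry layout, authorizeClient and fakeSocket are hypothetical names.

```javascript
// Added example, not STageR source. Assumes the page's requestCert and
// rejectUnauthorized values are handed to Node's https/tls server unchanged.
// With rejectUnauthorized: false the handshake succeeds even when the client
// sends no certificate or one the CA did not issue, so every request handler
// must check the verification result before trusting the certificate name.

// Hypothetical registry: certificate common name -> rights.
const registry = new Map([
  ['TestUser', { admin: true, units: {} }],
  ['ReportClient', { admin: false, units: { rainfall: ['read'] } }],
]);

// socket: the request's tls.TLSSocket (req.socket in an https handler).
// target: { api: 'security' } or { unit: <name>, action: 'read' | 'write' }.
function authorizeClient(socket, target, users = registry) {
  // authorized is true only when the chain verified against the configured CA.
  if (!socket.authorized) {
    return { status: 401, reason: socket.authorizationError || 'NO_CLIENT_CERT' };
  }
  const subject = socket.getPeerCertificate().subject;
  const cn = subject && subject.CN;
  // A Map lookup cannot be tricked by names such as "__proto__".
  const user = typeof cn === 'string' ? users.get(cn) : undefined;
  if (!user) return { status: 403, reason: 'CERT_NOT_REGISTERED' };
  if (target.api === 'security') {
    return user.admin ? { status: 200, user: cn } : { status: 403, reason: 'NOT_ADMIN' };
  }
  const rights = Object.prototype.hasOwnProperty.call(user.units, target.unit)
    ? user.units[target.unit] : [];
  return rights.includes(target.action)
    ? { status: 200, user: cn }
    : { status: 403, reason: 'NO_PERMISSION' };
}

// Constructed stand-in for tls.TLSSocket so the example runs offline.
function fakeSocket(authorized, cn, authorizationError) {
  return {
    authorized,
    authorizationError,
    getPeerCertificate: () => (cn ? { subject: { CN: cn } } : {}),
  };
}
```

In a real handler the call would be authorizeClient(req.socket, ...), with any status other than 200 ending the request before it reaches the API.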