This repository has been archived by the owner on Jul 17, 2023. It is now read-only.
Protect the Backends with Shibboleth #292
Labels
BackendBoys
Backlog
A backlogged issue that still needs to be completed
Cerberus
Authentication issues
Moby-Dock
Comments
gzhihongwei
added
Moby-Dock
Cerberus
|
Backend Boys - Authentication with the editor backend is indeed not fully functional. There exists a skeleton of authentication in comments left in views.py, as well as a helper method listed at the top of views and one functional custom endpoint. Unable to complete this feature as we encountered issues with testing locally and then getting CSCF to give us request.META user credentials until time was short. |
|
Backlogged as the frontend would need to pass the Shibboleth session cookie in each request to the backend APIs, which we didn’t have enough time for. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Right now, the backends are not being protected with shibboleth auth due to CORS issues. As such, it is a potential security risk to let the webapp be deployed right now due to the in progress modeling of access control.
The text was updated successfully, but these errors were encountered: