Authentication and Authorization
User
Any user has the following attributes:
username
password
permissions
list of banned agents
Getting Users Information
In order to print all users, execute the following command:
In order to print detailed information about a particular user (e.g. user1) execute the command:
Adding/Deleting Users
In order to add a new user user1
, execute the following command:
In order to delete the user user1
execute the following command:
Authentication
Flopsar supports two types of authentication providers: internal (local) and external.
Internal
This is a default authentication system used by Flopsar. All the users information is stored in Manager
. The authentication itself is performed internally, i.e. is not delegated to any other external authentication system. This means, that users password are stored encrypted in Manager
. In order to change a password for user1
user, you must make use of the following command:
External
This type delegates the authentication to other, third-party authentication systems. In order to enable it, you need to implement a specific Server
plugin and install it on the Manager.
Authorization
No matter which authentication type you choose, the authorization is always performed in the Manager. That means all users must exist in the Manager.
Permissions
The following permissions are available:
Symbol
Description
c
User can edit agents configuration.
p
User can see method parameters.
o
User can see agents online data.
q
User can query agents directly.
In order to set the permissions for the user user1
, execute the command:
where perms_vals
are the permissions symbols prefixed with +
or -
depending on whether you want to add or revoke the permission. For example, if you want to allow user1
to see methods parameters and agents online data, execute the following command:
In order to revoke those permissions, execute the command:
Banned Agents
A user can see all data from any agent by default. In order to prevent a user (user1
) from seeing particular agents, you need to execute the following command:
where agents_pattern
is a regular expression for agents' names. In order to unban some agents, execute the command:
Last updated