Categories: All - security - permissions - communication - authentication

by Samy Sarem 8 months ago

73

2024-04-05 DataService Refactor

The text discusses various aspects related to the refactoring of a data service, particularly focusing on security and authentication mechanisms. It highlights the management of login tokens, debating whether to store them in memory or a database, and includes considerations for user sessions, password policies, and different authentication methods such as OAuth and SAML.

2024-04-05 DataService Refactor

2024-04-05 DataService Refactor

Caching

Things that are cached
Process / data model parameters
Global Param
Global variables
Data model with Metadata

Needed

DataModel

Not needed

single source of truth vs distributed

Other things

Front-end c# / wasm
Use Dataflow
Check dotnet js
JavascriptType

Security

Password policy
Expiry
Deployment mode
Each "micro"service calls
Through gateway only
Impersonification
Nectari Auth ?
There now ?

Site-specific (twitter, ...)

In ASP.Net contrib, not Microsoft

Identity did not support oauth and saml ?
Mix Datasync and Nectari ?
Permissions control / Authorisation layer
License bound to authentication and authorisation

Distribution vs Olap

What module can be used

Concurrent users

is it bound to login token ?
Excel add-in login page - use web
OAuth and Saml
Bound to old NEctari authentication
Authentication management
Bind connection to CP ?
Authentication of a Service (jwt)
User/Pwd
Distinguish user vs service
LoginToken management in memory vs having something in the db
Clean-up user data (mem leak)
Keep me signed in
Session vs Stateless
LoginToken
Manage in DB
WebApi
CommunicationJs
NectariAuthAttribute