Open VincenzoFerme opened 8 years ago
We need to decide how to handle secured access to the services and between the services. Some thoughts on this:
test-manager
, and currently this service acts as the entrypoint of benchflow. We need to add user based authentication (e.g., using https://github.com/dropwizard-bundles/dropwizard-api-key-bundle or https://github.com/wdawson/dropwizard-auth-example).test-manager
so that we can control the access of the users to the APIs, and redirect the calls to the other services. For now this is fine and we do not need more complex and dedicated solutions as for example https://getkong.org. An example of API that is private is the trial API currently exposed by the test manager: https://github.com/benchflow/benchflow/blob/devel/benchflow-test-manager/application/src/main/java/cloud/benchflow/testmanager/resources/BenchFlowTrialResource.java
In dropwizard there is already functionality for authentication. Could we not use that?
Each service could then have its own user and password and in that way authenticate.
Services:
Notes:
-Swarm: