The idea is to authenticate user only once and then while making internal calls to other services manage access control as if client makes the calls directly.
Example:
Client tries to get analytics of data managed by another internal service
Analytics service calls data service
Data service processes access control as if the call originates from client, but not from internal service with full access
To avoid security holes this should be the default mode for all calls originating from FutoIn request processing task. If the behavior is not desired, that a it should be controlled by special parameter in CCM.
The idea is to authenticate user only once and then while making internal calls to other services manage access control as if client makes the calls directly.
Example:
To avoid security holes this should be the default mode for all calls originating from FutoIn request processing task. If the behavior is not desired, that a it should be controlled by special parameter in CCM.