moorkop / mccy-engine

Provides a web based "Minecraft Server as a Service" (MCaaS?) to deploy Minecraft server containers on any Docker Swarm cluster or standalone Engine instance.
Apache License 2.0

Add full role-based user authentication and authorisation #29

Open sshipway opened 8 years ago

sshipway commented 8 years ago

This is more large-scale, but it would be good to incorporate the structure before things get too big.

Have the system support separate user accounts, as well as an unauthenticated 'public' virtual user. The authentication should be configurable to be either a local database, LDAP server, or linked to github/facebook/google/shibboleth/CAS auth. Set specific access roles against individual accounts (readonly, manage own containers only, full admin) so that the accounts can be controlled. Different roles can give ability to view MC servers, manage them, start new ones, manage the library, and so on.

It would even allow you to potentially add a 'credit balance' to the accounts, restricting how many containers the account can spin up (decrement it every time you create a new container, disallow creation if ==0, -1 is infinite)

While this might seem overkill, and probably is in 90% of cases, it would be a necessary step to move MCCY towards being an MCaaS provider :).

itzg commented 8 years ago

The very good news is that Spring Security is already driving the login. Right now it's just using the default Boot user manager that has one user "hard-configured". If you search for Spring Social you'll see they have integrations like Facebook, Twitter, etc.
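A sketch of how the roles proposed above (public read-only, manage own containers only, full admin) map onto that Spring Security setup, as an added example and not mccy-engine's own code; the endpoint paths, role names, users and the `ServerRegistry` bean are assumptions, written against the Spring Security 4 / Boot 1.x API of the time:

```java
// Added example, not mccy-engine's own code. Spring Security 4 / Boot 1.x API.
// Endpoint paths, role names, users and the ServerRegistry bean are assumptions.
package example.security;

import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.stereotype.Component;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class RoleBasedSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                // the unauthenticated 'public' virtual user may only read
                .antMatchers(HttpMethod.GET, "/api/servers/**").permitAll()
                // spinning up a new container requires a real account
                .antMatchers(HttpMethod.POST, "/api/servers").hasAnyRole("USER", "ADMIN")
                // managing the library is reserved for the admin role
                .antMatchers("/api/library/**").hasRole("ADMIN")
                .anyRequest().authenticated()
            .and().httpBasic();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // the "Local" backend, stood in by in-memory users so this runs on its own;
        // auth.ldapAuthentication() is the starting point for the LDAP option
        auth.inMemoryAuthentication()
                .withUser("alice").password("s3cret").roles("USER").and()
                .withUser("ops").password("s3cret").roles("ADMIN");
    }
}

/** Tracks who owns which container; 'manage own containers only' is enforced per call. */
@Component("serverRegistry")
class ServerRegistry {
    private final Map<String, String> ownerByServer = new ConcurrentHashMap<>();
    private final Set<String> stopped = ConcurrentHashMap.newKeySet();

    public void register(String serverId, String owner) { ownerByServer.put(serverId, owner); }

    public boolean isOwner(String serverId, String user) { return user.equals(ownerByServer.get(serverId)); }

    // admins may manage any container; a USER only the ones they own (object-level check)
    @PreAuthorize("hasRole('ADMIN') or @serverRegistry.isOwner(#serverId, authentication.name)")
    public void stop(String serverId) { stopped.add(serverId); }
}
```

The URL rules cover the coarse roles; the `@PreAuthorize` expression is where "own containers only" actually lives, since a path pattern alone cannot tell whose container a request targets.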

itzg commented 8 years ago

A quick search came up with an article that talks exactly about integrating LDAP auth with Spring Boot and they even have an option for an embedded LDAP server. So we can start small, but go through the real motions.

https://spring.io/guides/gs/authenticating-ldap/

itzg commented 8 years ago

...an interesting aspect of this could be to support authenticating based on people's Minecraft account via MCAuthLib.

That likely is leveraging the new Mojang authentication scheme documented here

itzg commented 8 years ago

Since asking people for their Minecraft account password feels icky, an arbitrating OAuth service like https://www.mineid.org/ seems appealing...assuming they can be trusted :)

sshipway commented 8 years ago

If you support MinecraftID as an option for logins (using an external service), then you could pre-populate the Whitelist and Opslist for new containers...

It would be good to have the option to choose from LDAP, MinecraftID or Local for authentication options.

danpolanco commented 8 years ago

Hm. Once we add more games (e.g. Project Zomboid), will mcid still continue to be useful?

itzg commented 8 years ago

Good point @DanTheColoradan. To regain the pre-filled white/op list as @sshipway mentioned, we could provide the ability for users to define their preferred defaults.

So all in all, sounds like we're leaning towards our own "user database" which we would have needed regardless...doesn't preclude just authentication through something like Twitter/Facebook/G+, etc.

sshipway commented 8 years ago

If you have a local user database - with selectable auth options of MinecraftID/LDAP/Local/Whatever - then you can set up all your preferred settings, including default modules and minecraft container type...

sshipway commented 8 years ago

You could even then set up the uploaded world ZIP archive so that people can flag uploaded worlds as private or public, optionally allowing other people to use them when setting up a new container.

itzg commented 8 years ago

Reviving an old conversation with a note-to-self about latest Spring LDAP release

https://spring.io/blog/2016/05/17/spring-ldap-2-1-0-released