investigate webauth on was-registrar - LDAP group? .htaccess?

sul-dlss / web-archiving

placeholder for web archiving work

0 stars 0 forks source link

investigate webauth on was-registrar - LDAP group? .htaccess? #29

Closed tallenaz closed 7 years ago

tallenaz commented 7 years ago

was-registrar is behind webauth, and anyone with a sunet can get to it. is this ok, or do we want to lock it down further, maybe via ldap?

tallenaz commented 7 years ago

Ben suggests the sdr:administrator-role, which includes:

Albritton, Benjamin L
Atzberger, Joseph
Beer, Christopher
Cramer, Tom
Dushay, Naomi
Fahy, Erin
Frost, Hannah
Hardy, Darren, PhD
Ingulfsen, Tommy
Martin, Johnathan
McGlohon, Laney
McRae, Lynn
Reed, Jack
Sadler, Elizabeth O
Snydman, Stuart
Vine, J
Weber, Darren, PhD
Zanella, Anthony M
dlss:pmag-staff
sdr:admin-temporary

@nullhandle does this seem like an appropriate group of folks who would have access to was-registrar?

tallenaz commented 7 years ago

We're agreed this is an appropriate group, provided Nicholas is included in one of the subgroups.

tallenaz commented 7 years ago

We have 2 options:

request directory ldap access, which can take a long time, sometimes months.
hardcode sunetids into some puppet apache configuration, which can be done much more quickly.