Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

All AuthZ tests assume basic authN #218

Open
acoburn opened this issue Sep 21, 2018 · 0 comments
Open

All AuthZ tests assume basic authN #218

acoburn opened this issue Sep 21, 2018 · 0 comments

Comments

@acoburn
Copy link

acoburn commented Sep 21, 2018

The Fedora specification is silent on authentication protocols, yet the test suite assumes that basic authentication is supported. Given that Basic Auth is not particularly robust or scalable for the web, it seems that the suite wouldn't work so well for an OAuth-, OIDC- or SAML-based AuthN system.
dbernstein added a commit to dbernstein/Fedora-API-Test-Suite that referenced this issue Oct 16, 2018
@dbernstein
This commit introduces pluggable authentication in order support
b32eb4b 
a variety of authentication mechanisms (including no authentication)
that different Fedora implementations might employ. See the README.md
for instructions on how to create and deploy custom authenticators.
Please note that several paramters names have changed.

Resolves: fcrepo#222,
fcrepo#219, and
fcrepo#218
@dbernstein dbernstein mentioned this issue Oct 16, 2018
Merged
dbernstein added a commit to dbernstein/Fedora-API-Test-Suite that referenced this issue Oct 25, 2018
@dbernstein
This commit introduces pluggable authentication in order support
cef148c 
a variety of authentication mechanisms (including no authentication)
that different Fedora implementations might employ. See the README.md
for instructions on how to create and deploy custom authenticators.
Please note that several paramters names have changed.

Resolves: fcrepo#222,
fcrepo#219, and
fcrepo#218
awoods pushed a commit that referenced this issue Oct 31, 2018
@dbernstein
This commit introduces pluggable authentication in order support (#260)
c0f4957 
* This commit introduces pluggable authentication in order support
a variety of authentication mechanisms (including no authentication)
that different Fedora implementations might employ. See the README.md
for instructions on how to create and deploy custom authenticators.
Please note that several paramters names have changed.

Resolves: #222,
#219, and
#218

* Adds support for the optional use of an Authorization header.
In the process of implementing this feature I took the opportunity to remove much cruft generated by the
unfortunate pattern of passing test parameters via the @parameters annotation. Now test parameters are
picked up by tests via the TestParameters singleton.

* Updates config.yml.dist
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@acoburn