User Story #838 (new)

Opened 2 years ago

Last modified 2 weeks ago

Configure OMERO for SSL transport and document use

Reported by: jmoore Owned by: jmoore
Milestone: OMERO-Beta4.2 Component: Security
Keywords: jboss Cc: cxallan
Story Points: n.a. Sprint: n.a.
Importance: n.a.
Total Remaining Time: 6.0d Estimated Remaining Time: n.a.

Description (last modified by jmoore) (diff)

As outlined in  Chapter 9 of the JBoss server manual, it is possible to configure EJBS for secure transport. This requires a minimum amount of configuration in the EJBs themselves, and work by system administrators and client developers to enable the transport.

Documentation for this will be available at:

 https://trac.openmicroscopy.org.uk/omero/wiki/OmeroSecurity

See also #1747, certificate-based login

References

Referenced by:
  • Requirement (#1936): Secure Login and Ldap improvements
References:
  • Task (#1935): bin/omero login should cleanup sessions ( Owner: jmoore Remaining Time: 0 )
  • Task (#1580): Unify all command-line logins ( Owner: jmoore Remaining Time: 0 )
  • Task (#1943): Permit not saving sessions to ~/omero/sessions ( Owner: jmoore Remaining Time: 0.5 )
  • Task (#1944): Move omero/adduser.py to plugin ( Owner: jmoore Remaining Time: 0 )
  • Task (#2001): Integrate group login into `bin/omero login` ( Owner: jmoore Remaining Time: 0.5 )
  • Task (#1938): Enable flag for using SSL for all methods, not just login ( Owner: jmoore Remaining Time: 1 )
  • Task (#1939): Document use of more advanced encrypton schemes ( Owner: atarkowska )
  • Task (#1947): Clean up OmeroCli help messages ( Owner: jmoore Remaining Time: 0.5 )
  • Task (#1998): Allow reusing last login without any CLI arguments ( Owner: jmoore Remaining Time: 0.5 )
  • Task (#1948): Allow re-using plugin login in non-plugins ( Owner: jmoore Remaining Time: 1 )
  • Task (#1937): Add ADH as default transport ( Owner: jmoore Remaining Time: 1 )
  • Task (#1997): Add 'profile' to support direct use of Ice.Default.Locator ( Owner: jmoore Remaining Time: 1 )

Change History

Changed 2 years ago by jmoore

r1949 and r1950 have initial server- and client-side (code) configuration. This does not include the JBoss configuration.

Changed 2 years ago by jmoore

  • owner changed from jmoore to atarkowska

Passing off to you, Ola. Most likely can wait for milestone:3.0-Beta4. Push it forward if you want.

Changed 2 years ago by jmoore

When I was setting LDAP ssl transport I had to add keystore and truststore and all is already there, on omero.properties. If all is on place, while not test it on Beta-3.0? What do you think?

Great. Yeah, if everything's in place, then do try. After JBoss, though, we'll need to work through and document setting up SSL connections for Blitz, as well.

Changed 2 years ago by atarkowska

configuration  http://www.jboss.org/wiki/Wiki.jsp?page=SSLSetup

Changed 22 months ago by atarkowska

  • milestone changed from 3.0-Beta3 to 3.0-Beta4

Changed 13 months ago by atarkowska

  • description modified (diff)
  • milestone changed from OMERO-Beta4 to OMERO-Beta4.2

Changed 2 months ago by jmoore

  • description modified (diff)

Changed 2 weeks ago by jmoore

  • type changed from Task to User Story

Changed 2 weeks ago by jmoore

  • owner changed from atarkowska to jmoore
Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.2.1-PRO © 2008-2009 agile42 all rights reserved (this page was served in: 0.170521 sec.)