
Security

Security is a paramount aspect of Ilum. Every endpoint in the application is protected and requires user authentication, so only authenticated users can reach the application's resources. On top of that, the application uses a role-based authorization model that gives fine-grained control over which resources each user may access.

Authentication

Authentication is the process of verifying the identity of a user, device, or system. It often involves validating credentials like usernames and passwords. In our project, we support three types of authentication:

  1. Internal Authentication: This is the simplest form of authentication where static usernames and passwords are used. It's particularly useful in development environments.
  2. LDAP Authentication: LDAP (Lightweight Directory Access Protocol) is a protocol used to access and manage directory information. It's primarily used for centralized user authentication.
  3. OAuth2 Authentication: OAuth2, often used alongside OpenID, is a standard that allows users to authenticate via an external provider such as Google, GitHub, etc. This is the most secure authentication method and is recommended for production environments.

Authorization

Once a user has been authenticated, the next step is to determine what they can do within the system. This process is known as authorization. Our application leverages built-in roles for authorization, allowing specific permissions and resource access to be tied to individual roles.

These roles can be assigned to users, controlling what each user can view and modify within the system. This granular control ensures that users can only access the resources and perform the actions they are authorized for.
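The role-based model described above, shown as an added example in Python. This is not Ilum's code and does not reflect Ilum's actual role names; the roles, permissions and users are constructed for the illustration. The point it demonstrates is deny-by-default: a permission is granted only when an assigned role explicitly includes it, so an unknown or mistyped role name can only narrow access, never widen it.

```python
"""Role-based authorization check with deny-by-default semantics.

Added illustration of the model described above; not Ilum's code.
Role names, permissions and users are constructed for the example.
"""
from dataclasses import dataclass, field

# Hypothetical built-in roles mapped to the permissions they grant.
ROLE_PERMISSIONS = {
    "viewer": {"job:read", "cluster:read"},
    "operator": {"job:read", "job:submit", "cluster:read"},
    "admin": {
        "job:read", "job:submit", "job:delete",
        "cluster:read", "cluster:write", "user:manage",
    },
}


@dataclass(frozen=True)
class User:
    """An authenticated principal and the roles assigned to it."""
    name: str
    roles: frozenset = field(default_factory=frozenset)


def permissions_for(user: User) -> set:
    """Union of the permissions granted by every role the user holds.

    Roles that are not defined contribute nothing, so a typo in a role
    assignment can only restrict access, never expand it.
    """
    granted = set()
    for role in user.roles:
        granted |= ROLE_PERMISSIONS.get(role, set())
    return granted


def is_authorized(user: User, permission: str) -> bool:
    """Deny by default: allowed only if some assigned role grants it."""
    return permission in permissions_for(user)


def authorize(user: User, permission: str) -> None:
    """Guard to call at the top of a protected endpoint handler."""
    if not is_authorized(user, permission):
        raise PermissionError(f"{user.name} lacks {permission}")


# Constructed sample users (not real accounts).
alice = User("alice", frozenset({"viewer"}))
bob = User("bob", frozenset({"operator"}))
carol = User("carol", frozenset({"admin"}))
anon = User("anon")  # authenticated, but no roles assigned yet

if __name__ == "__main__":
    for u in (alice, bob, carol, anon):
        print(u.name, sorted(permissions_for(u)))
    try:
        authorize(alice, "job:submit")
    except PermissionError as exc:
        print("denied:", exc)
```

Every protected endpoint calls `authorize` with the single permission it needs before doing any work; a user who authenticated but has no roles (like `anon` above) is still denied everything, which is the behaviour you want when a directory or OAuth2 login succeeds for an account that has not yet been granted a role.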

Further documentation will guide you through the process of setting up each authentication method and configuring the built-in roles for authorization. It is critical to understand and properly configure these settings to ensure the security of your application.