BMCWeb auth primer
Joseph Reynolds
jrey at linux.ibm.com
Wed Nov 27 09:37:04 AEDT 2019
On 11/25/19 3:37 PM, Brandon Wyman wrote:
> On Mon, Nov 11, 2019 at 7:41 PM Joseph Reynolds <jrey at linux.ibm.com> wrote:
>> Dear OpenBMC community and BMCWeb maintainers,
>>
>> I worked on BMCWeb, learned how it works, and put together this little
>> primer on its authentication and authorization flows. I think portions
>> of it are generally useful to the community, and specifically useful to
>> help guide BMC security work. Certainly, I may want to refer back to it.
>>
>> The material is more-or-less in markdown format, but no promises.
>>
>> Take a peek, learn about auth security topics, correct my errors and
>> omissions, and let me know your ideas on how to incorporate this into the
>> project. Thank you!
>>
>> - Joseph
>>
> Would this have worked better as a gerrit commit, or a public gist
> that you could point to?
Brandon, yes, that's the feedback I am looking for. I haven't seen much
interest in openbmc gists. You can find the primer in the OpenBMC email
archives here:
https://lists.ozlabs.org/pipermail/openbmc/2019-November/019422.html
(at least until that site is taken down).
I've incorporated documentation for the OperationMap into the source
code, currently in review here:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27595/2/redfish-core/include/privileges.hpp#226
Thanks for your interest. I'll keep at it...
- Joseph
>> # BMCWeb auth primer
>>
>> This describes the BMCWeb server's authentication and authorization
>> flows, showing how they relate to the usage shown in the [REDFISH
>> cheatsheet][] and [REST cheatsheet][], to [Phosphor User Manager][], and
>> to the [BMCWeb code][].
>>
> <SNIP>