Ticket #311 (closed enhancement: wontfix)
Global app login as replacement for using internal password.
|Reported by:||robert||Owned by:|
|MoSCoW:||Should Have||Estimated time after impact analysis:|
|Related to project:||none||Tested:||no|
Currently OAI provider tool uses hacks to access global data; this is needed to get assets from all (or selected) client applications.
In 1.7 we used a REST call to retrieve the App_ids and combine that to retrieve the asset search for OAI output which also was not really good solution.
In normal REST connector calls we always use a application login which the connection is always one client application. This in OAI is not enough.
In 2.x we use for internal REST calls an internal generated password of 64 characters. To use OAI on 2.x we extended the 1.7 VPX connector to use this password so OAI can use multiple app IDs. This forced us to show the password of the internal in the admin, so we can enter it for OAI VPX connector. However, this was never meant to be shown.
To get rid of the internal password usage of OAI we need another way of connecting to REST with the VPX / MediaMosa connector.
My suggestion is to introduce a global APP login on client applications. It will enable to create a client application with app ID 0 with a name and password. This login will be then used by OAI to login onto REST and will behave as the master application that can have access to REST. We could also introduce a READ only option for client application(s), so this client application can only do GET rest calls using its client app login.
The big advantage here is that we will use the normal DBUS login and provide access for applications like OAI to access REST while not restricted to one application.