Task #5814
MNDeployment #4700: IARC (International Arctic Research Center) Data Archive
Task #5759: IARC: Testing
Task #5788: IARC: Registration in environment (production)
Task #5811: IARC: Authentication and Authorization
IARC: Log record access
100%
Description
Verify that Log Records can be accessed only as allowed by the MN policy.
History
#1 Updated by Laura Moyers over 10 years ago
- Target version changed from Deploy by end of Y5Q4 to Deploy by end of Y1Q1
#2 Updated by Laura Moyers about 10 years ago
- Target version changed from Deploy by end of Y1Q1 to Deploy by end of NCTE
#3 Updated by Mark Servilla over 9 years ago
- translation missing: en.field_remaining_hours set to 0.0
- % Done changed from 0 to 100
- Status changed from New to Closed
The MN urn:node:IARC correctly blocks non-authorized users from accessing log records:
curl -s -X GET https://trusty.iarc.uaf.edu/mn/v1/log?count=0 | xml fo
<?xml version="1.0"?>
Access allowed only for DataONE infrastructure. Active subjects: public (primary). Trusted subjects: CN=urn:node:CN,DC=dataone,DC=org, CN=urn:node:CNORC1,DC=dataone,DC=org, CN=urn:node:CNUCSB1,DC=dataone,DC=org, CN=urn:node:CNUNM1,DC=dataone,DC=org, CN=urn:node:IARC,DC=dataone,DC=org
The MN urn:node:IARC correctly allows authorized users from accessing log records:
curl -i -E ./urn_node_CNUCSB1.pem -X GET https://trusty.iarc.uaf.edu/mn/v1/log?count=0
HTTP/1.1 200 OK
Date: Mon, 11 May 2015 20:04:21 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 116
Vary: Accept-Encoding
Content-Type: application/xml
<?xml version="1.0" ?>
#4 Updated by Mark Servilla over 9 years ago
- Assignee set to Mark Servilla
- Estimated time set to 0.00
