Home Applications Data_APP_Security

Data_APP_Security

This application is not supported by InterSystems Corporation. Please be notified that you use it at your own risk.
5
1 reviews
0
Awards
647
Views
12
IPM installs
3
1
Details
Releases
Reviews
Issues
Pull requests
Videos
Articles
This app has a demo View
OAuth Authentication, Authorization & Auditing basics

What's new in this version

OAuth2 Authentication with GitHub added

Data_APP_Security

Summary

Web Application build on InterSystems IRIS for Health and Docker to demonstrate Authentication, Authorization AND Auditing basics.
By using the application New user can be created programmatically along with auditing, roles and SQL privileges, Option to Enable/Disable, Authenticate/Unauthenticate web application and OAuth2 Authentication with GitHub

Features

  • Authentication, Authorization and Auditing basics
  • OAuth2 Authentication with GitHub
  • Create New User by code
  • Add Audit Log Programatically
  • Create Role and Assign SQL table priviliges by code
  • Grant all privileges to user by assigning %All role by code
  • Enable/Disable Web Terminal Application by code
  • Authenticate/Unauthenticate Web Terminal Application by code

Online Demo

https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

Community Articles

https://community.intersystems.com/post/programmatically-create-users-grant-privileges-enabledisable-and-authenticateunauthenticate-web
For OAuth2 GitHub authentication
https://community.intersystems.com/post/oauth2-authentication-github-account-iris-web-application

Installation with ZPM

zpm:USER>zpm "install scw-Patient"

Application Layout

image

Recommendation

Repo Contents

  • Dockerfile, docker-compose.yml, and Installer.cls to create container
  • iris.script, contains script to execute during container initialization
  • /src with source files
  • /.vscode/settings.json for automatic server connections when opened in VS Code.

Requirements:

To Run on Windows:

	git clone https://github.com/mwaseem75/Data_APP_Security.git  
	cd Data_APP_Security  
	docker-compose up -d  

To Run on macOS:

	git clone https://github.com/mwaseem75/Data_APP_Security.git 
	cd Data_APP_Security 
	docker-compose up -d  

Log in with credentials: SuperUser | SYS

Getting Started

AUTHENTICATION

  • Navigate to http://localhost:52773/csp/user/index.csp index page, First of all create New user by cliking “Create TestUser” button. Make sure to login as SUPERUSER OR _SYSTEM in order to create new User.
    Newly created user can be viewed from management portal (System > Security Management > User)
    image

LOGIN With Github OAUTH2

image

AUDITING

Upon creating user, record with Description “Audit Log inserted from DATA_APP_Security” is added in auditing database which can be viewed from Management portal
(Security > Security Management > View Audit Database)
image

AUTHORIZATION

image

GRANTING ALL PRIVILEGES

ENABLE/DISABLE WEB APPLICATION

  • Navigate to web terminal application by clicking Web Terminal menu option
    image

  • After providing credentials web terminal application will open
    image

  • Let’s disable web terminal application by clicking “Disable WebTerminal Application”.
    Now Navigate to web terminal application by clicking Web Terminal menu option and system will display message that application not found
    image

Web terminal application can be enabled by clicking “Enable WebTerminal Application” button.

AUTHENTICATE/UNAUTHENTICATE WEB APPLICATION

  • Now Let’s disable all the authentications for Web Terminal Application by pressing “Disable WebTerminal Authentication”.
    System will not allow to enter even providing correct credentials
    image

Web terminal application Authentication can be enabled by clicking “Enable WebTerminal Authentication” button.

Thanks

Special Thanks to:

Evgeny Shvarov for: https://openexchange.intersystems.com/package/secured-rest-api template for guidance

Made with
Install
zpm install scw-Patient download archive
Version
1.0.505 Dec, 2021
ObjectScript quality test
Category
Developer Environment
Works with
InterSystems IRISInterSystems IRIS for HealthCaché
First published
28 Nov, 2021
Last checked by moderator
27 Jun, 2023Works