Data_APP_Security

Downloads38
Subscribe
1
Bookmark
0
This application is not supported by InterSystems Corporation. Please be notified that you use it at your own responsibility.
Details
Releases
Reviews
Issues

What's new in this version

OAuth2 Authentication with GitHub added

Data_APP_Security

Summary

Web Application build on InterSystems IRIS for Health and Docker to demonstrate Authentication, Authorization AND Auditing basics. By using the application New user can be created programmatically along with auditing, roles and SQL privileges, Option to Enable/Disable, Authenticate/Unauthenticate web application and OAuth2 Authentication with GitHub

Features

  • Authentication, Authorization and Auditing basics
  • OAuth2 Authentication with GitHub
  • Create New User by code
  • Add Audit Log Programatically
  • Create Role and Assign SQL table priviliges by code
  • Grant all privileges to user by assigning %All role by code
  • Enable/Disable Web Terminal Application by code
  • Authenticate/Unauthenticate Web Terminal Application by code

Online Demo

https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

Community Articles

https://community.intersystems.com/post/programmatically-create-users-grant-privileges-enabledisable-and-authenticateunauthenticate-web For OAuth2 GitHub authentication https://community.intersystems.com/post/oauth2-authentication-github-account-iris-web-application

Installation with ZPM

zpm:USER>zpm "install scw-Patient"

Application Layout

image

Recommendation

Repo Contents

  • Dockerfile, docker-compose.yml, and Installer.cls to create container
  • iris.script, contains script to execute during container initialization
  • /src with source files
  • /.vscode/settings.json for automatic server connections when opened in VS Code.

Requirements:

To Run on Windows:

	git clone https://github.com/mwaseem75/Data_APP_Security.git  
	cd Data_APP_Security  
	docker-compose up -d  

To Run on macOS:

	git clone https://github.com/mwaseem75/Data_APP_Security.git 
	cd Data_APP_Security 
	docker-compose up -d  

Log in with credentials: SuperUser | SYS

Getting Started

AUTHENTICATION

  • Navigate to http://localhost:52773/csp/user/index.csp index page, First of all create New user by cliking "Create TestUser" button. Make sure to login as SUPERUSER OR _SYSTEM in order to create new User. Newly created user can be viewed from management portal (System > Security Management > User) image

LOGIN With Github OAUTH2

image

AUDITING

Upon creating user, record with Description "Audit Log inserted from DATA_APP_Security" is added in auditing database which can be viewed from Management portal (Security > Security Management > View Audit Database) image

AUTHORIZATION

image

GRANTING ALL PRIVILEGES

ENABLE/DISABLE WEB APPLICATION

  • Navigate to web terminal application by clicking Web Terminal menu option image

  • After providing credentials web terminal application will open image

  • Let's disable web terminal application by clicking "Disable WebTerminal Application". Now Navigate to web terminal application by clicking Web Terminal menu option and system will display message that application not found image

Web terminal application can be enabled by clicking "Enable WebTerminal Application" button.

AUTHENTICATE/UNAUTHENTICATE WEB APPLICATION

  • Now Let's disable all the authentications for Web Terminal Application by pressing "Disable WebTerminal Authentication". System will not allow to enter even providing correct credentials image

Web terminal application Authentication can be enabled by clicking "Enable WebTerminal Authentication" button.

Thanks

Special Thanks to:

Evgeny Shvarov for: https://openexchange.intersystems.com/package/secured-rest-api template for guidance

ZPM installation
zpm "install scw-Patient"
Rating
5 (1)
Code quality check
Passed
Updated on 14 August 2022
Category
Developer Environment
Works with
InterSystems IRISInterSystems IRIS for HealthCaché
Tags
Info
Version
1.0.5
Last updated
2021-12-05
Repository
Open
License
Link