TAPI icon indicating copy to clipboard operation
TAPI copied to clipboard
verified publisher icon Open-Network-Models-and-Interfaces-ONMI

TAPI security mechanism

Open rvilalta opened this issue 9 years ago • 3 comments

Received: While trying connect TAPI controller, I bumped into authentication issues. I see no reference to security in the SWAGGER files, meaning each vendor can implement its own security mechanism. Shouldn’t TAPI take care of its security by token exchange for example?

rvilalta avatar Oct 18 '16 09:10 rvilalta

Agree that TAPI should care. I will open an issue for this topic. Here is some useful discussion.

http://stackoverflow.com/questions/319530/restful-authentication

In my opinion for this HTTP basic auth over HTTPS might be implemented.

rvilalta avatar Oct 18 '16 09:10 rvilalta

Should this information be part of the T-API Developers Guide?

As far as I have understood, there are multiple ways to implement a T-API wire protocol and therefore there will be multiple ways to secure the communication channel.

I think this is yet another aspects, among others described in the T-API Development Guide, the T-API client and server sides need to agree upon in order to communicate.

italobusi avatar Oct 20 '16 10:10 italobusi

Exactly.

rvilalta avatar Oct 20 '16 12:10 rvilalta

This issue has been closed due to the lack of activity for more than one year. Please reopen it if follow up is necessary.

amazzini avatar Mar 21 '24 10:03 amazzini