• R/O
  • SSH

manifest: Commit

A service to replicate and serve requests for site configurations based on site ID, public IP, and the on-site lead contact's OTP.


Commit MetaInfo

Révisionb88befc05fe46c5a18710dee8ab47b4c963b74e8 (tree)
l'heure2021-10-16 02:09:11
Auteur4E9B58 <4e9b58@proj...>
Commiter4E9B58

Message de Log

Add a 'What Still Needs to be Done' section

Change Summary

Modification

diff -r 4a56f8a5d800 -r b88befc05fe4 docs/README.adoc
--- a/docs/README.adoc Fri Oct 15 12:08:38 2021 -0500
+++ b/docs/README.adoc Fri Oct 15 12:09:11 2021 -0500
@@ -38,4 +38,10 @@
3838 There are other options if the deploying person is not part of a company with a Project Celadon (Corp) support contract, but we'll assume a support contract is in place and is current.
3939
4040 The diviner server is deployed with an LCD. Upon powering up the server, it will wait for a secured (via internal certificate) Internet connection. Once the connection is estables, an Aztec code barcode will display on the LCD. The technician (or anyone) can scan the code and they will get back an 8-digit One Time Password (OTP), generated from the ObjectID of the manifest record, with instruction about what to do next with the LCD. Following the instructions, the OTP is entered. The public IP and OTP are transmitted via SSL, and the manifest server is forwarded the IP address. If the IP address does not match, the server reboots and the process starts all over again. If the IP address is correct, the record is made available for consumption by that IP and the server is redirected to manifest URL for download. Additional measures are being considered to twart man-in-the-middle attacks.
41-The barcode itself contains the ObjectID of the manifest record that has been prepared for that site. In this way, the device becomes the "something you have" part of the authentication chain.
\ No newline at end of file
41+The barcode itself contains the ObjectID of the manifest record that has been prepared for that site. In this way, the device becomes the "something you have" part of the authentication chain.
42+
43+
44+=== What Still Needs to be Done?
45+1. Read sample data from mongodb as service accout, return RESTfully as JSON
46+2. Impliment OTP for service account
47+3. Other things not yet listed here.
\ No newline at end of file
Afficher sur ancien navigateur de dépôt.