Authenticated Service to Service Communication with client credentials

OpenCHAMI uses signed JWTs for authentication and authorization. Users must include a valid token with every request which will then be passed on to every subsequent microservice involved in processing that request. However, there are some internal requests that aren't triggered directly by a user. For these, we still need a valid token, but without a specific user to tie it to, we need to use a different kind of JWT.

March 1, 2024 in Development, LANL by David J. Allen (LANL)8 minutes

Bridging the Gap between External Identity Provider and Self-Hosted Authorization Server (Part 1)

June 3, 2024 in LANL, Development by David J. Allen (LANL)7 minutes

Experimental Refactoring with SMD

January 24, 2024 in LANL, Development, sc23 by David J. Allen (LANL)3 minutes

Implementing Authn/Authz in OpenCHAMI Microservices

January 24, 2024 in LANL, Development by David J. Allen (LANL)7 minutes

Exploring Multi-tenacy capabilities in SMD with Groups and Partitions

SMD comes with a built-in partitioning feature that should allow us to partition off certain components through it's API. In this blog post, we explore how groups and partitions work in practice.

January 18, 2024 in Development, LANL by David J. Allen (LANL)6 minutes

Magellan: Alternative Redfish Discovery for OpenCHAMI/CSM

As part of LANL's exploration of the CSM codebase, they found it necessary to augment the built-in discovery features of CSM with a new standalone command based on gofish and bmclib.

October 28, 2023 in Development, LANL, SC23 by David J. Allen (LANL)9 minutes