Calling all Atlas Security experts!

Ajit_Londhe · March 13, 2023, 1:36pm

Hello,

I am working on a new version of Broadsea (Dockerized Atlas/HADES) that will add easier setup of Atlas/WebAPI with security enabled (among other conveniences) to reduce the burden of sites’ IT/admins on standing up the OHDSI stack.

I have worked with AD and LDAP before, so I have these covered. However, I am looking for experts on the following security providers to assist in establishing settings templates and documentation for this new Broadsea version.

Kerberos
OpenID
CAS
OAuth
IAP

If you have successfully set up Atlas with any of these, please reply here / DM me. All assistance is greatly appreciated!

Thanks,
Ajit

Dillo · March 13, 2023, 5:03pm

Not an expert, but I summarized my experience with CAS: Tips for configuring CAS 2.0 SSO

Ajit_Londhe · March 13, 2023, 5:06pm

Thanks @Dillo! I will review.

Do you have CAS at your site and the ability to run docker? If so, would you mind being a tester of this new Broadsea version?

Dillo · March 13, 2023, 9:52pm

I have a local Fusion VM for testing Ansible scripts for complete deployments of Docker, Miniconda, and the Postgres and last generation consolidated WebAPI/Atlas containers. Time permitting, I’d be willing to look at it.

Ajit_Londhe · March 14, 2023, 8:05pm

Any other SMEs on Kerberos, OpenID, OAuth, or IAP?

Sanjay_Udoshi · March 15, 2023, 12:42pm

For small Foundations with natural history datasets, that are not fully wired with standard authentication methods, it would be useful to have a Local Auth security enabled by default. I would be more than willing to help test such a setup/scenario.

-S

Ajit_Londhe · March 15, 2023, 12:58pm

Thanks! There is a “basic” auth that uses the webapi postgres instance for this purpose. I’ll reach out to you soon on testing this flavor of security.