blob: f75412dca676fbf4d0fe2c60edc430040a0058ac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
Participants
------------
(((ECSA,overview)))
A particpant represents a legal client in an ECSA network.
///////////
[[participant_basic_requirements]]
///////////
Basic functionalities and requirements
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Technology / Architecture
^^^^^^^^^^^^^^^^^^^^^^^^^
(((participant,technology)))
(((participant,architecture)))
- has to communicate with the ECS as a
ifdef::hyperdoc[{rest_home_lnk}[REST]]
ifndef::hyperdoc[REST footnote:[REST Homepage see {rest_home_txt}]]
client.
ifdef::hyperdoc[- {http_1_1_lnk}[HTTP 1.1]]
ifndef::hyperdoc[- HTTP 1.1 footnote:[HTTP 1.1 see {http_1_1_txt}]]
as transport and application protocol
- provide persistent connection (keep-alive)
- provide SSL/TLS transport layer
- has to use
ifdef::hyperdoc[{utf_8_lnk}[UTF-8]]
ifndef::hyperdoc[UTF-8 footnote:[UTF-8 see {utf_8_lnk_txt}]]
Authentication
^^^^^^^^^^^^^^
(((participant,authentication)))
ifdef::hyperdoc[- {http_basic_auth_lnk}[HTTP Basic auth]]
ifndef::hyperdoc[- HTTP Basic auth footnote:[HTTP Basic auth see {http_basic_auth_txt}]]
- X.509 Certificates (SSL/TLS client authentication)
Authorization
~~~~~~~~~~~~~
(((participant,authorization)))
A client should be able to use a simple "one touch token" authorization through
the ECS `sys/auths` resource. This token could be used to accomplish deligated
authorization for accessing resources on participants of a common ECSA network.
E.g. in redirecting users clicking on course links or in
ifdef::hyperdoc[<<_direct_participant_to_participant_communication,direct communicating of participants>>.]
ifndef::hyperdoc[direct communicating of participants (see <<_direct_participant_to_participant_communication>>).]
//////////////////////////////////
ECS REST interface
~~~~~~~~~~~~~~~~~~
//////////////////////////////////
Ressource extensions / alterations
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(((participant,ressource extensions)))
To make resource extensions and alteration possible the clients have to
easily permit
- additional ressources
- extensible data formats
- Postels's Law (robustness principle): _Be conservative in what you send; be liberal in what you accept._
- versioning through request and response header (content negotiation)
* Accept: application/vnd.my-format.v1+json
* Accept: application/vnd.my-format.v2+json
|
