Security & Logging
Corteza Federation leverages Corteza’s already established authentication facility, using system users and JWT tokens (later referred as a token).
This enables us to reduce potential security holes and leverage our RBAC access control facility.
During the node pairing, each node creates a system user with an authentication token that can be used to access the node’s protected resources.
The two tokens in a node pair are not the same.
After the nodes are paired and the system users are created, we can assign roles to the federated user, further restricting what data the destination node is allowed to access using the RBAC access control facility
Each requested operation in the federated network goes through the access control facility.
Corteza Federation logs events (actions) that occurred in the federated network in the Corteza’s action log facility.
This enables administration and simplifies the debugging of any potential configuration issues.
- Pairing started
The event is logged when the nodes initiate the node pairing step.
- Pairing failed
The event is logged when an error occurs during the pairing step.
- Pairing finished
The event is logged when the nodes have been paired successfully.
- Structure syncing started
The event is logged when the nodes initiate the structure syncing step.
- Structure syncing failed
The event is logged when an error occurs during the structure syncing step.
- Structure syncing finished
The event is logged when the nodes have successfully performed the structure syncing step.