[UXPROD-3018] Distributed Configuration Created: 29/Mar/21  Updated: 06/Jun/22

Status: Open
Project: UX Product
Components: None
Affects versions: None
Fix versions: None

Type: New Feature Priority: P3
Reporter: Craig McNally Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to FOLIO-3121 Define the distributed_configuration ... Open
relates to FOLSPRINGS-18 Default implementation of the distrib... Open
relates to OKAPI-1008 Namespace-scoped Interface support Open
relates to RMB-827 Default implementation of the distrib... Open
relates to STSMACOM-499 Support for consuming the distributed... Open
relates to FOLIO-3105 SPIKE: Investigate OKAPI extensions ... Closed
relates to FOLIO-2875 SPIKE: how to distribute configuratio... Closed
Development Team: Core: Platform
PO Rank: 0
Rank: Cornell (Full Sum 2021): R3

 Description   

Overview

Centralized configuration via mod-configuration is problematic from a security perspective. It provides a convenient mechanism for storing configuration, but the permission granularity is too coarse. Granting a user the ability to access an entry for one app means that they will also have access to ALL configuration entries. See https://folio-org.atlassian.net/wiki/display/DD/Distributed+Configuration

One proposal is that modules may choose to implement a "multiple" interface which presents a common interface for accessing configuration.  This means the clients (the UI for instance) are presented a common interface for getting configuration instead of each module doing it their own way. See https://folio-org.atlassian.net/wiki/display/DD/Distributed+Configuration+via+Multiple+Interfaces+and+Scope?src=contextnavpagetreemode

Another is to extend OKAPI to support namespace-scoped interfaces. See https://folio-org.atlassian.net/wiki/display/DD/Distributed+Configuration+via+Namespace#DistributedConfigurationviaNamespace-Namespace-scopedInterfaceSupport

NOTE: the FOLIO technical council and security team have reviewed the need for this and expressed a desire for the work to be completed.

NOTE: The genesis for this work was one of the items identified during the security audit conducted in 2020.



 Comments   
Comment by Khalilah Gambrell [ 21/Jul/21 ]

Craig McNally, Jakub Skoczen, will this be included with the Juniper release?

Comment by Mike Taylor [ 06/Jun/22 ]

Hey, folks. I notice that a deprecation notice was added to mod-configuration a few months ago: see https://github.com/folio-org/mod-configuration#deprecation

Does this mean that one of the replacement approaches referenced by this issue has been implemented, and that that's what I should use?

Generated at Fri Feb 09 00:28:41 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.