Bug 4891 - Authentication system for SUSHI requests
Authentication system for SUSHI requests
Status: NEW
Product: OJS
Classification: Unclassified
Component: Plug-ins
3.x
All All
: P5 enhancement
Assigned To: PKP Support
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-11-20 11:06 PST by Colin Prince
Modified: 2013-05-29 16:11 PDT (History)
2 users (show)

See Also:
Version Reported In:
Also Affects:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Colin Prince 2009-11-20 11:06:12 PST
Since SUSHI requests are not interactive and so can't use a username and password, we need a way for Journal Managers to manage who can see their SUSHI reports.

The existing Subscriptions functionality could be pressed into service here, with its IP number awareness.

I believe NLM harvesting relies on subscription functionality to allow it to work by IP also.

I need ideas about the best way to handle authentication for SUSHI requests, perhaps:

a. using existing subscriptions functionality; or
b. coding something new based on the above code

other ideas?
Comment 1 Alec Smecher 2009-11-21 02:58:21 PST
Colin, there are currently a number of places where the current subscription checks are used; I'd suggest staying consistent with that, and if we need to change it for some reason, we can change it for all similar cases.
Comment 2 Colin Prince 2009-11-23 14:59:42 PST
We could make a new Role for journals to share their statistical information with others without having them see the other Journal Manager's tools.

Such a "Statistics role" could then be used for the COUNTER, SUSHI, and the other statistical reports.
Comment 3 Colin Prince 2011-02-28 15:13:38 PST
Commit to my cprince repo showing implementation of the OJS side of Sylvain's authentication server idea:

https://github.com/cprince/ojs/commit/edad9d333a1978b55d45d3af0740e04183eeafd0

The idea is sound but I don't know what his ideas are for fleshing this out.
Comment 4 Alec Smecher 2013-05-29 16:11:44 PDT
Not sure this is still relevant, but certainly isn't until 3.x; deferring.