.. _UC14: Use Case 14 - System Authentication and Authorization ----------------------------------------------------- .. index:: Use Case 14, UC14, system authentication, system authorization Revisions View document revision history_. Goal A system process authenticates and performs some system operation (e.g. replication). In this example, a Member Node authenticates to enable transfer of content from MN A to MN B. Summary System operations are required for many operations including the management of content across Member Nodes and replication between Coordinating Nodes. This use case describes the system level interactions required to perform a system level operation. Actors - Coordinating Node - Member Node(s) Preconditions - Operational system Triggers - A system level operation is invoked. Post Conditions - The operation is completed - The authentication token is optionally disposed .. @startuml images/14_uc.png actor "Coordinating Node" as CN actor "Member Node A" as MN_A actor "Member Node B" as MN_B usecase "13. User Authorization" as author usecase "14. System Operation" as SYSOP usecase "9. Replicate MN to MN" as repl CN -- SYSOP MN_A -- SYSOP MN_B -- SYSOP SYSOP ..> author: <> SYSOP ..> authen: <> SYSOP ..> repl: < @enduml .. image:: images/14_uc.png *Figure 1.* Use case 14, system authentication .. @startuml images/14_seq.png participant "Replication API" as m_rep_a << Member Node A >> participant "Replication API" as m_rep_b << Member Node B >> participant "Authentication API" as c_authenticate << Coordinating Node >> participant "Verify API" as c_ver << Coordinating Node >> m_rep_a -> c_authenticate: login(user, pw) note right The user in this case is the DataONE identity given to MN A. end note m_rep_a <-- c_authenticate: token or failure m_rep_a -> m_rep_b: getContent(token, ...) m_rep_b -> c_ver: isAuthorized(token, ...) m_rep_b <-- c_ver: True or False m_rep_a <-- m_rep_b: content or Fail note right Member Node A is now in a modified state and should signal this during next status request from a CN end note m_rep_a --> c_authenticate: logout(token) @enduml .. image:: images/14_seq.png *Figure 2.* Interactions for use case 14. .. _history: https://redmine.dataone.org/projects/d1/repository/changes/documents/Projects/cicore/architecture/api-documentation/source/design/UseCases/14_uc.txt