Message-ID: <1607037149.8466.1711699314894.JavaMail.confluence@ip-172-30-4-17.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_8465_920153952.1711699314891" ------=_Part_8465_920153952.1711699314891 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html OVERVIEW--

OVERVIEW--

The Project Management cell (PM) is an i2b2 Hive core cell and i= t has two basic functions:

  1. To control user access to various services
  2. To keep track of where these services are located


User access is determined by a user's = "role", which is a variable associated with a user that serves to = define the actions that a user may perform. The role may determine how much= data to return and whether or not there is access to a particular service.=



In a= ddition to roles, there is the concept of a "target location" or "= domain" that further defines the environment and associated permis= sions. The target location is a variable that defines the PM server locatio= n to be accessed. When a person logs in to the i2b2 Workbench, a login scre= en comes up that requires the username, password and target location to be = entered. The target location is also called the domain, which is shorthand = for domain name and it is used to authenticate the user. The domain is actu= ally shorthand for the domain name. The i2b2 cells have mappings of the dom= ain names to the URLs; these mappings tell where the service that will auth= enticate the user is located. If the domain does not exist in the lookup ta= ble, the person is not authenticated. If the domain exists, the user is aut= henticated. In effect, the mapping of the domain name to the URL provides a= n extra layer of security to the authentication process. <= br class=3D"atl-forced-newline"> After the authentication process the PM ce= ll performs the authorization process. The get_use= r_configuration message is used by the PM cell to determine the us= er's roles, permissions and privileges as well as return what the user is a= llowed to see.

------=_Part_8465_920153952.1711699314891--