Security model

Security model

The Canadian Wheat Alliance website contains advanced software that will provide different offerings of services and information depending on who is using the website.

In order to take advantage of the full range of information and services available on the Wheat Portal a person (let's call him Alex) needs to tell the system who they are. Once the system knows that it's Alex using the website it can tailor the offering of information and services to him.

The process of authentication begins with a Alex requesting an account on the Wheat Portal. Alex provides his email address to a moderator who determines his role in the Canadian Wheat Alliance and assigns him to specific Roles defined on the Wheat Portal.

Once approved, Alex will log into the Wheat Portal with a given username and password combination. There will be a 'Remember Me' function provided so that Alex doesn't have to log in each time he visits the Wheat Portal.

Now that Alex is logged in, features appropriate to his Role in the Canadian Wheat Alliance will appear. If he's a Principal investigator, links to XXXX and YYY will appear under a "Principal Investigator" menu. If he's a Lab Member working on Genomics, his custom home page may contain links to new Genomics features that have been created on the website since his last visit. He will also see a "Lab Member" menu with links of importance to him.

The website also knows what data he is allowed to see and download and will show or hide information appropriately.

Certain types of content may allow people to comment on the content. For example, Alex may comment on blog posts with additional feedback. His comments will be tagged with his name so that the dialog is open and constructive.

More detail on the Wheat Portal security model.

The basic unit of security is the user. The user will be "Anonymous" if not logged in, or will have a username if logged in. When logged in, a User will also belong to one or more Roles that will always include "Authenticated User".

Individual applications that are running within the Wheat Portal framework will be able to ask the Wheat Portal for more information on the current user and based on that information can tailor the application to that user. This could include remembering certain settings or preferences, adjusting display parameters, or changing what data is available for analysis.