View source | View content page | Page history | Printable version   

Projects:EnhanceTerminalAuthentication

Contents

Introduction

The main goal of this project is to improve the security of Web POS operation by enforcing device (terminal) access privileges to the system so only authorized terminal devices can connect to the system as POS terminals.

Secondary objectives for this project are:

Requirements

Solution

Add two new fields in POS Terminal window:

First time accessing to Web POS:

In case we want to revoke the access of a physical device, it is enough unchecking "Is linked to a physical device" on the terminal configuration and entering a new code. If we try to access with the linked physical device, Web POS will ask the code of the terminal. This way it will be possible to address scenarios of changing one physical device by another (eg. because of device is broken).

This project should provide a smooth migration process from the current way of operation (in which terminal is defined at the url of each terminal) to the new secure way (old way is fully discontinued but transition should be smooth). Using a preference (Use terminal/device security) we can keep getting the terminal from the URL or work with this new functionality

Documentation

Improvements (3.0RR15Q1)

The concept of cache session ID will be added to this feature. Cache session ID will be a unique ID which will represent a cache session. This Id will change whenever the cache is removed. For sure ii eill be different among the diferent devices which are using the POS.

This Id will help to control strange situations which are not being managed properly right know. Therefore, this ID will be included as a part of client side logging providing important information about wrong usage of the Web POS.

This issue has been created in mantis to track every changes related to this feature

Retrieved from "http://wiki.openbravo.com/wiki/Projects:EnhanceTerminalAuthentication"

This page has been accessed 4,018 times. This page was last modified on 12 November 2015, at 19:23. Content is available under Creative Commons Attribution-ShareAlike 2.5 Spain License.