You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Patterns HuiHAC+i and HuiHRAC+i add an interaction between a Human interactive user of a Host, and an AuthClient or RemoteAccessClient running on the Host.
This is incorrect. It is possible that the AuthClient or RemoteAccessClient have rights that are not supposed to be accessible to the Human. For example, the Host may run a remote access client used by the system manager to access and administer other systems, and also some local applications that are accessible to a local user. The local application user should only have access to the remote access client if they are also the system manager.
This whole area of the domain model (local and remote user interaction with processes) is one that was implemented 'subject to review'.
HuiHAC+i was inserted at this point is because it follows Hc-pN-hP+AC, which adds an AuthClient to a Host that connects to a network controlled by an authentication service. To connect to the network, an AuthClient on the connecting Host must connect to the network's authentication service, and Hc-pN-hP+AC adds the AuthClient to the Host if none is present. For some reason it was assumed there should be a user for this AuthClient, but that isn't strictly true - in many cases the connection is made by an automated client using a stored credential.
The simplest solution would be to delete patterns HuiHAC+i and HuiHRAC+i. This means the system modeller user would need to assert which user(s) interact with each AuthClient or RemoteAccessClient. A local interaction with the client's Host would then follow from that, not the other way around.
The text was updated successfully, but these errors were encountered:
Patterns HuiHAC+i and HuiHRAC+i add an interaction between a Human interactive user of a Host, and an AuthClient or RemoteAccessClient running on the Host.
This is incorrect. It is possible that the AuthClient or RemoteAccessClient have rights that are not supposed to be accessible to the Human. For example, the Host may run a remote access client used by the system manager to access and administer other systems, and also some local applications that are accessible to a local user. The local application user should only have access to the remote access client if they are also the system manager.
This whole area of the domain model (local and remote user interaction with processes) is one that was implemented 'subject to review'.
HuiHAC+i was inserted at this point is because it follows Hc-pN-hP+AC, which adds an AuthClient to a Host that connects to a network controlled by an authentication service. To connect to the network, an AuthClient on the connecting Host must connect to the network's authentication service, and Hc-pN-hP+AC adds the AuthClient to the Host if none is present. For some reason it was assumed there should be a user for this AuthClient, but that isn't strictly true - in many cases the connection is made by an automated client using a stored credential.
The simplest solution would be to delete patterns HuiHAC+i and HuiHRAC+i. This means the system modeller user would need to assert which user(s) interact with each AuthClient or RemoteAccessClient. A local interaction with the client's Host would then follow from that, not the other way around.
The text was updated successfully, but these errors were encountered: