Please enable JavaScript.
Coggle requires JavaScript to display documents.
ClubGRANTS Authentication - Coggle Diagram
ClubGRANTS Authentication
Change the current authentication model
Effort
What kind of effort will be required
High level assessment
Can we do this in a quick time
What kind of effort will be required
Release will have to be planned and executed - Do we have time for that ??
Is there a network related solution
Will have to disable current authentication model
I guess this will only be applicable for CG and not for other modules
Then restrict access to certain IP range of ClubNSW
Risks
A major change at Authentication and need to test
Security change is another change at network level
Can we move club grant service in to a separate Rancher and restrict access to that
list down detail activities
No changes to code
The service will be open only for a window for application
Can we monitor the traffic generated by ClubNSW IPs and see whether anything else is coming
Database monitoring
Reviewing crucial data stores to make sure nothing else comes out
What are the risks associated with this approach
Will there be an issue when it comes to Auditing
Venues having user access that are not actual venue users?
How this will be avoided in
Should there be a process to remove clubNSW access levels right after submissions
Will this have functionality issues in areas like Reports?
When there are issues if Venue needs to edit the application then will they be able to do it ?
What needs to happen
ClubNSW should be given access to the list of venues they will be submitting applications
Propose a pilot approach
Through this approach application will only flow in a time period where both teams know
Rest of the times service will be down
Report to be generated at the end of the day depicting how many reports submitted, how many received, how many failed etc
Rest of the actions in "No changes to code" approach to be followed
Current Authentication Method
https://myconfluence.tabcorp.com.au/pages/viewpage.action?spaceKey=NC&title=5.2+Security
Risks