Authentication options ?

[kylehuynh205]

Hello, we're hosting the SimpleAnnotation Server as application running in Tomcat. We're sendings REST requests to index the annotations to the server and we're using SOLR instead of Jena.

I know that there isn't authentication included in the project. But I'm wondering if you have any suggestion to secure the SimpleAnnotation Server with Tomcat ? Thank you.

[glenrobson]

Hi, there are a few ways to add authentication.

The easiest way if you don't need the annotations to be private to each user is to setup authentication in a proxy like Apache or Nginx. You can use this method to protect SAS with Shibboleth or have a single username and password.

If you do want the annotations to be private there is the auth_testing branch which uses Github or Google authentication. I need to merge the auth_testing branch into main as it is the latest version which I am running here