You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -773,3 +773,11 @@ The system needs to handle various resource limits consistently:
These limits need to be coordinated between QServ and TAP service configurations.
### 5.7 Authentication Between Services
One more aspect that needs to be carefully evaluated is the authentication mechanism between TAP and the QServ HTTP API. Currently this is limited to network-level security, where access is restricted to specific subnets. This is slightly limiting especially in terms of the development stages, since it requires running the development version of TAP alongside the same network where QServ resides, which may in some cases not be possible.
Further authentication methods could be considered, with examples being token-based authentication which is used throughout the RSP ecosystem, or basic authentication which would be simpler to implement but would require secure credential management. We should also consider whether the TAP service is the sole client of the API as this may have an effect on which solution best meets the requirements while minimizng effort and complexity.
