Knowledge Base

User Tools

Site Tools

Trace: liber_extra welcome semantic_search_engine introduction authentication prova1
gnorm:authentication

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
gnorm:authentication [2026/01/14 10:24] – created finconsgnorm:authentication [2026/01/15 11:47] (current) fincons
Line 7: Line 7:
   * **Direct ITSERR access** – via system-provided credentials (username and password);   * **Direct ITSERR access** – via system-provided credentials (username and password);
   * **Federated D4Science access** – via external academic or institutional providers (Google, LinkedIn, ORCID, GitHub, CNR-ISTI, etc.).   * **Federated D4Science access** – via external academic or institutional providers (Google, LinkedIn, ORCID, GitHub, CNR-ISTI, etc.).
 +
 +----
  
 ===== Direct ITSERR access ===== ===== Direct ITSERR access =====
Line 18: Line 20:
 Alternatively, users can authenticate directly through the **ITSERR Account** button, which automatically redirects to the centralized authentication portal, maintaining the user session active for the entire duration of navigation. Alternatively, users can authenticate directly through the **ITSERR Account** button, which automatically redirects to the centralized authentication portal, maintaining the user session active for the entire duration of navigation.
  
 +{{gnorm:gnorm_login_itserr.png?650|ITSERR login page}}
 +----
 ===== Federated access via D4Science ===== ===== Federated access via D4Science =====
 Federated authentication is managed through **Keycloak**, a secure system compliant with the digital identity standards adopted by D4Science.   Federated authentication is managed through **Keycloak**, a secure system compliant with the digital identity standards adopted by D4Science.  
Line 29: Line 33:
   * ORCID     * ORCID  
   * CNR-ISTI     * CNR-ISTI  
 +
 +{{gnorm:gnorm_login_keycloak.png?650|D4Science Keycloak authentication page}}
  
 Users may also enable the **Remember me** option to keep the session active or use **Forgot Password** to recover credentials.   Users may also enable the **Remember me** option to keep the session active or use **Forgot Password** to recover credentials.  
 Once authentication is completed, the user is redirected to the authenticated homepage of the platform. Once authentication is completed, the user is redirected to the authenticated homepage of the platform.
 +----
 ===== Session management ===== ===== Session management =====
 After authentication: After authentication:
Line 40: Line 46:
   * Upon browser closure or prolonged inactivity, the session is automatically terminated.   * Upon browser closure or prolonged inactivity, the session is automatically terminated.
  
 +
 +----
 ===== User roles and permissions ===== ===== User roles and permissions =====
 Three main roles are defined within the system: Three main roles are defined within the system:
Line 48: Line 56:
 | Admin | Technical–administrative user with global privileges, used for initial setup activities and supervision. | Full backend management, user and role creation and modification, general system configuration. | | Admin | Technical–administrative user with global privileges, used for initial setup activities and supervision. | Full backend management, user and role creation and modification, general system configuration. |
  
 +----
 ===== Security and credential management ===== ===== Security and credential management =====
 The system guarantees: The system guarantees:
gnorm/authentication.1768382659.txt.gz · Last modified: by fincons