Stream: implementers
Topic: docker node and java image
Erich Schulz (Jul 01 2016 at 08:23):
on my todo list is securing one of these with a view to having a deployable CQL->javascript microservice. This isnt really a layer I enjoy playing in, so if anyone has skills and interest in help me out for a few hours please let me know
Erich Schulz (Jul 01 2016 at 08:23):
(I have two images I'm using currently, but be nice to tidy it up and pull it all together)
John Moehrke (Jul 02 2016 at 16:26):
Erich, the security layer is independent of the FHIR data/service model. This allows us to mature both of them independently. I would recommend you look at SMART security layer. It is a good start, and very painless. Just expect that the security layer needs to be loosely coupled into your microservice. This is especially true of sevices, which will be looked to implement increasingly complex and dynamic solutions. However all these solutions should be based on off-the-shelf IT, not something all that special to FHIR. See security.html page.
Erich Schulz (Jul 02 2016 at 23:58):
ah sorry @John Moehrke - I used ambiguous language - I meant securing as in "obtaining" or "procuring" rather than "making secure"...
Last updated: Apr 12 2022 at 19:14 UTC
