Dataspaces in Stellio
To configure the dataspace model of the platform in Stellio, we group the key entities of Stellio into Tenants.
The Access check is done as for the other components in the CIVITAS/Core Platform by the API Management in Front of Stellio.
How the Platform's Dataspace Concept Maps to Stellio
For each dataspace, we implement a Tenant in Stellio with a set of three needed Roles for Reading, Writing and Deleting entities. The API Management checks, if the needed role is assigned to the user.
- Entities: Entities in Stellio are the core data objects. Entities are assigned to tenants and stored in tenants.
- Tenant: A tenant is a grouping of entities where access to the tenant can be granted. The integrated check of Stellio is disabled and replaced by the API Management in front. Tenants are separated schemas on database level.
Example for Keycloak and Stellio
The following settings describes the dataspaces named "baumkataster" and "denkmalschutz" defined in Keycloak and Geoserver:
Keycloak client "api-access":
- Group for dataspace "baumkataster":
baumkataster - Group for dataspace "denkmalschutz":
denkmalschutz - Keycloak user "Max Mustermann" (
max@mustermann.de)- User-Group-Assignments:
baumkataster,denkmalschutz
- User-Group-Assignments:
- Tenants in Stellio:
baumkataster,denkmalschutz
Mapping illustrated
This mapping is illustrated in the following image by using the same color for matching objects.
Setting Up Dataspaces in Stellio
There is no manual setup of the dataspace concept in Stellio.