Technical analysis for: Allow using SDMX-RI authentication to connect to external NSI web service
Analyse technical feasibility, functional needs on the DLM side and efforts required for implementing a mechanism to connect from DLM to external NSI web services using the native NSI authentication mechanism (implemented by Eurostat and used by ISTAT) based on HTTP basic access authentication (BA). The DLM user should be able to enter the required credentials in the DLM GUI per external data space that is configured to require basic authentication (new config option).
Because the BA field has to be sent in the header of each HTTP request for that data space, the web browser needs to cache the credentials for a reasonable period of time (or the current session) to avoid constantly prompting the user for their username and password.
The credentials (username, password) should be requested to be entered by the user in a simple popup dialog on the first usage of that data space within the session. The data space should be mentioned in the popup, e.g. with title "Login to [space]", where [space] is being visually coloured as usual.
If the NSI call is unsuccessful because of incorrect credentials (unauthenticated request), it needs to be checked that the NSI correctly returns the appropriate response which contains a HTTP 401 error (Unauthorized). In this case, the credential dialog should state "Unauthorized: please enter a valid username and password". The user should be able to cancel the popup dialog at any time, which will result in not executing the underlying NSI request and in cancelling the related user action.
The credential popup should be made in a way that allows standard web browsers to automatically store and manage the credentials in the browser's inbuilt password manager.