< Security | Projects/Minion
Minion Web UI
The Web UI is responsible for:
- Generating the web UI (not surprisingly)
- Authenticating and managing users and user sessions
- Log in using Persona (BrowserID) (can be restricted by domain for use on central server by organizations)
- Menu -> New Scan, Running Scans, Completed Scans
- Future: Group Scans (member of groups, permissions, see other scans by group members/project)
- New Scan
- Basic: URL, Port
- Advanced: Login information, technologies used (customize scan such as SQLmap for SQL)
- Future: Scan type based on plugin (web app, client code, etc)
It should maintain as little data in memory as possible - all data should be retrieved from the Task Engine (and/or db?). This will allow us to run multiple Web UI servers for one service.
- Should this also provide a REST based API, or will we rely on the one implemented by the Task Engine?
- Will it need access to the db or will it get all data from the Task Engine?
- Answer: it will need its own db for storing user and session details