An interesting question has been raised about how to run a Fusion Registry that is locked-down so no-one at all may make any modifications to it. This may be desired if you have a Registry that is exposed on the Internet to the entire world and you'd like to be sure that it is secure.
A simple way to do this is to run with the Registry requiring an authentication service but that authentication service is not running. The following steps illustrate how to do this:
- Setup your Firewall / Web server / Proxy so that the Fusion Registry is not exposed to the outside world.
- Start Fusion Registry and Fusion Security and ensure that they have been configured to communicate with each other.
- Login to the Fusion Registry and load the structures into your Registry.
- Terminate Fusion Security. Now it is impossible to log into the Fusion Registry.
- Setup your Firewall / Web server / Proxy so that the Fusion Registry is exposed to the outside world.
Now no-one can modify your Registry since all actions that attempt to make a modification will fail authentication. If you need to make a change, simply restart Fusion Security, make the changes and then terminate Fusion Security again.