- keycloak integration
- "hardening" :
- create _users db
- create _security doc on all databases
- create validation function for read-only access
- enforce "safe" user password
- temporary access (per default 24 hours, configurable via attribute in the access token)
- simple GUI to request access
- simple tracking of actions in the accessmanager scheme
Still missing:
- no justifications for the requested access
- no admin page to access the audit data