= Challenge =

How do we handle access control, when referencing from the core DOMS to external resources, either intra- or internet based?

= Cases =

 1. Ripped CDs placed on a server positioned at Statsbiblioteket
 2. Papers placed on a restricted website, which Statsbiblioteket has access to

= Solutions =

A general solution is to route all resources through a core DOMS maschine. This is impractical for large files or streaming media.

== Servers at Statsbiblioteket ==

A solution for Case 1, suggested by the technical department (the basement guys):

 1. Assume that access validation is already handled by the core DOMS.
 1. Let the CD server allow unrestricted access from DOMS maschines.
 1. Let the DOMS request a one-time URL from the CD server. The one-time URL is accessible from anywhere.
 1. Present the one-time URL to the end-user.

== External resources ==

Make a proxy-server, which uses the same one-time validation schema as above.