This page last changed on Jun 11, 2007 by aaime.

Overview

Add a security subsystem to Geoserver, to allow for multiple users authentication, role based level access, service and data access restrictions.

Proposed By

Andrea Aime

Proposal Type

Change to various existing modules

Assigned to release

1.6.0

State

( being discussed, in progress, complete, rejected, deferred )

Links

[Framework research page]
[Prototype description page]

Email discussion/Other wiki discussions

http://www.nabble.com/GSIP-16%2C-Geoserver-security.-Feedback-required-tf3679752.html#a10283409
[GEOSDEV:Geoserver authentication and authorization subsystem]
[GEOSDEV:Geoserver security implementation, initial version] http://www.nabble.com/GSIP-16%2C-security-framework.-Call-for-vote-tf3753211.html

Voting History

Chris Holmes +1
Andrea Aime +1
Justin Deoliveira +1
Alessio Fabiani +1

Motivations

Geoserver needs a well integrated security framework that allows for multiple users authentication, various access levels, both service and data security.
This is especially important for WFS-T, since it allows for changing data, but useful in general when data access must be limited to certain user categories, or when some data access trail must be stored for forensic analysis.

Assumptions

None?

Proposal

Have a simple user, role, service and data access configuration, still making it possible for people developing on Geoserver to change them and decide for other authentication mechanisms and backends.

Implementation

Integrate Acegi security into Geoserver, plugging into the web filters for service and web console authentication, and into the dispatch and data subsystems, for configuration, service and data lock down. For more informations, see the research and prototype pages in the links section.

Backwards compatibility issues

None significant. Of course, servers adding access limitations will break existing clients until they add credential providing feautures (see for example uDig).

Risks

Acegi is a powerful but relatively complex framework. This is mitigated by good documentation and vital support forum.
General Geoserver architecture will be barely touched thanks to Acegi "aspect" oriented approach to security management.

Participants

Andrea Aime

A couple of questions, thoughts having read the Acegi blurbs..

1) they dont mention support for WebSphere, but it could be added - geosever seems to have people deploying here - how would they be affected?

2) The OGC is working on a GeoDRM concept. IMHO, if something like Acegi is incompatible, OGC should probably move...but it would be good if someone who understands both Acegi and GeoDRM could make that call

 3) I couldnt really see much discussion as Asegi about the WS-security etc in the SOAP world. Given that geoserver is basically a web service, more than just a web application, it would be good to get a more informed opinion on this..

Posted by rob_cto_sco at May 14, 2007 18:07
Document generated by Confluence on May 14, 2014 23:00