GSIP 53
Make GeoServer ready for access control specific to geodata and evaluate Single Sign-On technologies.
Warning: This proposal has been superseded by GSIP 71 - New Security Subsystem.
Christian Mueller
This proposal will be implemented for release 2.1.0 or a later one, depending on GSIP 54, which is a prerequisite.
Spatial data imposes additional requirements on access control; an example is given in the proposal section. Since most OGC Web Services are stateless, it also makes sense to support Single Sign-On (SSO) and to allow GeoServer deployments to run in a host farm (clustering).
This proposal is based on Spring Security. The current version of Spring Security is 3.x, which requires Spring Framework 3.0. At the time of writing this proposal, GeoServer uses Spring 2.x. There are two possibilities:
- Use Spring Security 2.x and defer the migration to Spring 3.x (GSIP 54)
- Migrate GeoServer to Spring 3.x and use Spring Security 3.x
The first step is to find a solution for access control specific to geographical data. At a minimum, it should be possible to add a GeoXACML plugin. Normally an access control decision is a simple yes or no; for spatial data this is not sufficient. A simple example illustrates the problem.
Given: a map of Europe and a layer with all cities of Europe.
Access Control: User Bob has the right to view all cities of Italy and no right to see any other city.
Problem: It is not possible to construct a WMS GetMap request that returns exactly Bob's cities, since Italy is not a rectangle and a GetMap request selects data by bounding box.
Solution:
XACML has a concept called obligations. An obligation can be anything; obligations are attached to the access decision that the policy decision point returns to the enforcement point, which must discharge them before it grants access (and must deny if it cannot). In this example, the result of the access decision should be Permit, with an obligation telling GeoServer to intersect the city layer with the border of Italy.
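The following is an added example, not code from the proposal, GeoServer or GeoXACML. It models the Bob scenario end to end with a toy policy decision point that returns Permit plus an "intersect" obligation, and a toy enforcement point that applies the obligation as a spatial filter on the city layer. The obligation identifier, the response layout, the polygon standing in for Italy and the city coordinates are all constructed for illustration; the polygon is a crude hand-drawn shape, not a real border. The enforcement point fails closed: a Deny, or an obligation it does not understand, yields no data.

```python
# Added example (not part of GSIP 53 or GeoServer): a toy XACML-style policy
# decision carrying an obligation, enforced as a spatial filter on a city layer.
# The obligation id, the response shape, the "Italy" polygon and the city
# coordinates are constructed for illustration; the polygon is a crude
# approximation, not a real border.

from typing import Dict, List, Tuple

Point = Tuple[float, float]          # (lon, lat)
Polygon = List[Point]

# Hypothetical obligation id: "restrict the result to features inside this geometry".
OBLIGATION_INTERSECT = "urn:example:geoxacml:obligation:intersect"

# Constructed polygon standing in for the border of Italy (lon, lat).
ITALY: Polygon = [
    (6.6, 47.1), (13.8, 47.1), (18.6, 40.0), (15.5, 36.5),
    (12.0, 36.5), (8.0, 43.5), (6.6, 44.5),
]

# Constructed city layer: name -> (lon, lat), rounded coordinates.
CITIES: Dict[str, Point] = {
    "Rome": (12.50, 41.90),
    "Milan": (9.19, 45.46),
    "Paris": (2.35, 48.85),
    "Vienna": (16.37, 48.21),
}


def decide(subject: str, layer: str) -> dict:
    """Toy PDP. Returns an XACML-like response: a Decision plus Obligations.

    Bob may see the city layer, but only inside ITALY, so the answer is
    Permit with an intersect obligation rather than a plain Deny.
    """
    if subject == "bob" and layer == "cities":
        return {
            "Decision": "Permit",
            "Obligations": [{"Id": OBLIGATION_INTERSECT, "geometry": ITALY}],
        }
    return {"Decision": "Deny", "Obligations": []}


def point_in_polygon(pt: Point, poly: Polygon) -> bool:
    """Even-odd ray casting: count polygon edges crossed by a ray towards +x."""
    x, y = pt
    inside = False
    j = len(poly) - 1
    for i in range(len(poly)):
        xi, yi = poly[i]
        xj, yj = poly[j]
        if (yi > y) != (yj > y):
            x_cross = xj + (y - yj) * (xi - xj) / (yi - yj)
            if x < x_cross:
                inside = not inside
        j = i
    return inside


def enforce(response: dict, features: Dict[str, Point]) -> Dict[str, Point]:
    """Toy PEP. Applies the decision and discharges every obligation.

    Fails closed: a Deny, or any obligation this PEP does not understand,
    yields an empty result (XACML requires denial when an obligation
    cannot be fulfilled).
    """
    if response["Decision"] != "Permit":
        return {}
    result = dict(features)
    for ob in response["Obligations"]:
        if ob["Id"] == OBLIGATION_INTERSECT:
            geom = ob["geometry"]
            result = {n: p for n, p in result.items() if point_in_polygon(p, geom)}
        else:
            return {}  # unknown obligation: do not serve the data
    return result


def visible_cities(subject: str, layer: str = "cities") -> List[str]:
    """The cities a GetMap/GetFeature on `layer` would contain for `subject`."""
    return sorted(enforce(decide(subject, layer), CITIES))


if __name__ == "__main__":
    print("bob sees:", visible_cities("bob"))      # ['Milan', 'Rome']
    print("alice sees:", visible_cities("alice"))  # []
```

The point of the example is the shape of the contract, not the geometry: the decision stays a plain Permit/Deny, and the spatial restriction travels as an obligation that the server applies to the layer before rendering. A real deployment would evaluate the geometry in the data store or rendering pipeline rather than with a point-in-polygon loop, but the fail-closed rule for unknown obligations carries over unchanged.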
The second step is an investigation of how well GeoServer can participate in SSO scenarios.
SAML and XACML are possible technologies for taking a deeper look.
No migration is necessary for already deployed GeoServer installations.
- Alessio Fabiani
- Andrea Aime
- Chris Holmes (Chair)
- Jody Garnett
- Rob Atkinson
- Simone Giannecchini
- Ben Caradoc-Davies
- Mark Leslie
©2020 Open Source Geospatial Foundation