Dear PSC,
With Jesse, I would like to call for vote for the following proposal
(http://trac.osgeo.org/geonetwork/wiki/proposals/SpringSecurity) which
entails the use of Spring Security, a well-known framework that
supports the use of one or several security providers. Main goals are:
* SSO configuration (CAS)
* improve LDAP support
* import user privileges (support more than one group, define profile mapping)
* support more than one authentication provider
* when accessing a protected page, user is moved to a login page and
will be redirected to the protected resource (instead of
ServiceNotAllowed? exception #313)
... and keep local user database and shibboleth support.
It has been tested in the last month with quite a number of different
LDAP configurations with or without CAS including using the multiple
profiles per user proposal
(http://trac.osgeo.org/geonetwork/wiki/proposals/UserProfileByGroup)
(which did not get so much votes).
Looking forward to your votes.
Regards
Jesse & Francois