[Geoserver-devel] GeoDRM and WFS-T?

Has anyone been looking into Digital Rights Management (DRM) with respect to Geoserver?

I.e.:
* Authenticating a user.
* Authorization: Is the user allowed to update the database?
Is the user allowed to update the feature?
Has someone "locked" a set of features to prevent them being edited while the user is out on a field trip?

I'd imagine that this would tie in very closely to the version WFS work.

--
Cameron Shorter
Systems Architect, http://lisasoft.com.au
Tel: +61 (0)2 8570 5050
Mob: +61 (0)419 142 254

Um, the things you are talking about are not really digital rights management. They are basic authentication and authorization. If you're just talking about those, and not the awfully named OGC specs, then yes, we've been looking into it and have adopted a security framework called Acegi. See: http://docs.codehaus.org/display/GEOS/GSIP+16+-+Security+subsystem and the pages it links to. It has a bit of a high learning curve, but a lot of power. I believe it's on trunk now, or is close to getting there.

But please don't use the word DRM. See: http://www.fsf.org/campaigns/drm.html I will personally refuse to implement any of the OGC specs as long as they have that name. Though people can of course develop plug-ins to GeoServer if they really want it.

Chris

Cameron Shorter wrote:

Has anyone been looking into Digital Rights Management (DRM) with respect to Geoserver?

I.e.:
* Authenticating a user.
* Authorization: Is the user allowed to update the database?
Is the user allowed to update the feature?
Has someone "locked" a set of features to prevent them being edited while the user is out on a field trip?

I'd imagine that this would tie in very closely to the version WFS work.

--
Chris Holmes
The Open Planning Project
http://topp.openplans.org

I'm not an expert on OGC GeoDRM, but from the couple of chats I've been in when this was discussed, it seems that the OGC really mean Authentication/Authorization and have just picked a bad acronym.

Chris Holmes wrote:

Um, the things you are talking about are not really digital rights management. They are basic authentication and authorization. If you're just talking about those, and not the awfully named OGC specs, then yes, we've been looking into it and have adopted a security framework called Acegi. See: http://docs.codehaus.org/display/GEOS/GSIP+16+-+Security+subsystem and the pages it links to. It has a bit of a high learning curve, but a lot of power. I believe it's on trunk now, or is close to getting there.

But please don't use the word DRM. See: http://www.fsf.org/campaigns/drm.html I will personally refuse to implement any of the OGC specs as long as they have that name. Though people can of course develop plug-ins to GeoServer if they really want it.

Chris

Cameron Shorter wrote:

Has anyone been looking into Digital Rights Management (DRM) with respect to Geoserver?

I.e.:
* Authenticating a user.
* Authorization: Is the user allowed to update the database?
Is the user allowed to update the feature?
Has someone "locked" a set of features to prevent them being edited while the user is out on a field trip?

I'd imagine that this would tie in very closely to the version WFS work.

--
Cameron Shorter
Systems Architect, http://lisasoft.com.au
Tel: +61 (0)2 8570 5050
Mob: +61 (0)419 142 254

What level of authorization has been implemented?
I assume I can set user roles against a WFS installation.
Can I set read/write restrictions on a layer?
What about a feature?

How do I manage the roles? Is there a web page or similar I can use to manage users and their roles?

Chris Holmes wrote:

Um, the things you are talking about are not really digital rights management. They are basic authentication and authorization. If you're just talking about those, and not the awfully named OGC specs, then yes, we've been looking into it and have adopted a security framework called Acegi. See: http://docs.codehaus.org/display/GEOS/GSIP+16+-+Security+subsystem and the pages it links to. It has a bit of a high learning curve, but a lot of power. I believe it's on trunk now, or is close to getting there.

But please don't use the word DRM. See: http://www.fsf.org/campaigns/drm.html I will personally refuse to implement any of the OGC specs as long as they have that name. Though people can of course develop plug-ins to GeoServer if they really want it.

Chris

Cameron Shorter wrote:

Has anyone been looking into Digital Rights Management (DRM) with respect to Geoserver?

I.e.:
* Authenticating a user.
* Authorization: Is the user allowed to update the database?
Is the user allowed to update the feature?
Has someone "locked" a set of features to prevent them being edited while the user is out on a field trip?

I'd imagine that this would tie in very closely to the version WFS work.

--
Cameron Shorter
Systems Architect, http://lisasoft.com.au
Tel: +61 (0)2 8570 5050
Mob: +61 (0)419 142 254

Chris Holmes wrote:

Um, the things you are talking about are not really digital rights management. They are basic authentication and authorization. If you're just talking about those, and not the awfully named OGC specs, then yes, we've been looking into it and have adopted a security framework called Acegi. See: http://docs.codehaus.org/display/GEOS/GSIP+16+-+Security+subsystem and the pages it links to. It has a bit of a high learning curve, but a lot of power. I believe it's on trunk now, or is close to getting there.

Not on trunk, I'll be merging it on trunk on the first occasion.
The only concern I have is that now the config is all property file
based, with cleartext passwords in it, and no UI.
I mean, the acegi branch was meant to be a proof of concept, and turned
out to be a good enough solution too, but I would not call it the
final one. Yet, it's orders of magnitude better than the nothing we have now.

Cheers
Andrea

Cameron Shorter wrote:

What level of authorization has been implemented?

What do you mean by level? At the moment in the acegi branch we
do have basic authentication and form based authentication.
Other means can be added, like certificates, digest
authentication and the like.

I assume I can set user roles against a WFS installation.

Yeah, authentication is role based

Can I set read/write restrictions on a layer?

Not at the moment. The security in the acegi
prototype branch is based on two files, user.properties
and service.properties:

user.properties: (user=password,role1,...,roleN)
admin=geoserver,ROLE_ADMINISTRATOR
wfst=wfst,ROLE_WFS_READ,ROLE_WFS_WRITE
wfs=wfs,ROLE_WFS_READ

service.properties: (service[.method]=role1,...,roleN)
wfs.GetFeature=ROLE_WFS_READ
wfs.Transaction=ROLE_WFS_WRITE

You get to do something if you have one of the roles
listed in the service.properties, so for the moment
we can distinguish read and write (method is optional,
so you can lock a service without listing all its
methods).

Yet, it would not be difficult to add a third file,
data.properties, and have a list of
namespace[.featuretype][.read/write]=role1,...,roleN
that do list roles that can do a certain action
on the data.

I think I would like to add some query based file
too, so that you can specify that certain roles
can access only a certain subset of the data.
Something like:
namespace[.featuretype].role1.roleN=p1,...,pN,cql_filter

where p1,...,pN are properties, and cql_filter is
a filter expressed in CQL syntax (just because it's
more compact and expressive than the OGC Filter one).

How do I manage the roles? Is there a web page or similar I can use to manage users and their roles?

No, and I won't make one until we switch to Wicket. I had my big
enough share of curses with Struts. At the moment you can configure
the prototype with a set of plain text property files (with
passwords in clear text, encrypting them will require a UI
that can deal with the files first).

Hope this helps
Cheers
Andrea
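
The role check described in the message above, as an added example in Python that is not part of the original thread and is not GeoServer or Acegi code. It parses the two property formats quoted above and decides whether a user may call a service method. Assumptions: a `service.method` rule takes precedence over a bare `service` rule, a request with no matching rule is denied unless `default_allow` is set, and the `wms` line is a constructed sample.

```python
import hmac

# Constructed samples: the user and wfs.* lines are those quoted in the
# message above; the "wms" line is added here to show a service-wide lock.
USER_PROPERTIES = """\
admin=geoserver,ROLE_ADMINISTRATOR
wfst=wfst,ROLE_WFS_READ,ROLE_WFS_WRITE
wfs=wfs,ROLE_WFS_READ
"""
SERVICE_PROPERTIES = """\
wfs.GetFeature=ROLE_WFS_READ
wfs.Transaction=ROLE_WFS_WRITE
wms=ROLE_ADMINISTRATOR
"""

def parse_properties(text):
    """Return {key: [v1, ..., vN]} for 'key=v1,...,vN' lines."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        entries[key.strip()] = [v.strip() for v in value.split(",") if v.strip()]
    return entries

def load_users(text):
    """user=password,role1,...,roleN -> {user: (password, {roles})}."""
    return {u: (v[0], set(v[1:])) for u, v in parse_properties(text).items() if v}

def authenticate(users, user, password):
    """Return the user's roles, or None if the credentials do not match."""
    stored = users.get(user)
    if stored is None:
        return None
    # The file holds cleartext passwords; compare in constant time at least.
    ok = hmac.compare_digest(stored[0].encode(), password.encode())
    return stored[1] if ok else None

def is_allowed(rules, roles, service, method, default_allow=False):
    """True if the caller holds one of the roles listed for the request."""
    for key in (f"{service}.{method}", service):  # most specific rule first
        if key in rules:
            return bool(set(roles) & set(rules[key]))
    return default_allow  # assumption: the thread does not cover unlisted services
```

Under this model `ROLE_ADMINISTRATOR` grants nothing implicitly: the `admin` user cannot call `wfs.Transaction` unless that role is listed on the rule. A password containing a comma cannot be represented in the `user=password,role1,...` format.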

That may be the case, but what you call things is actually a pretty big deal. And there are few worse acronyms among enlightened consumers than DRM these days, even though the 'enterprise' still thinks they need it. So until they change it I'm inclined to raise a stink about it whenever anyone will listen. There was talk of a name change but nothing ever happened.

Cameron Shorter wrote:

I'm not an expert on OGC GeoDRM, but from the couple of chats I've been in when this was discussed, it seems that the OGC really mean Authentication/Authorization and have just picked a bad acronym.

Chris Holmes wrote:

Um, the things you are talking about are not really digital rights management. They are basic authentication and authorization. If you're just talking about those, and not the awfully named OGC specs, then yes, we've been looking into it and have adopted a security framework called Acegi. See: http://docs.codehaus.org/display/GEOS/GSIP+16+-+Security+subsystem and the pages it links to. It has a bit of a high learning curve, but a lot of power. I believe it's on trunk now, or is close to getting there.

But please don't use the word DRM. See: http://www.fsf.org/campaigns/drm.html I will personally refuse to implement any of the OGC specs as long as they have that name. Though people can of course develop plug-ins to GeoServer if they really want it.

Chris

Cameron Shorter wrote:

Has anyone been looking into Digital Rights Management (DRM) with respect to Geoserver?

I.e.:
* Authenticating a user.
* Authorization: Is the user allowed to update the database?
Is the user allowed to update the feature?
Has someone "locked" a set of features to prevent them being edited while the user is out on a field trip?

I'd imagine that this would tie in very closely to the version WFS work.

--
Chris Holmes
The Open Planning Project
http://topp.openplans.org