[Geoserver-devel] geoserver 2.2 and security work

Hi all,

I wanted to restart up some discussion about pushing forward on geoserver 2.2 and the current security work that is pending. In terms of GSIP 71 the current feedback is mostly related to documentation work. On the user front the current docs are more of a reference guide and we need to add some more tutorial style docs oriented to users actually configuring the system in different authentication scenarios. On the developer front we need to add docs for the new interfaces and internal api, also adding some tutorials on how to add new types of authentication.

In terms of code christian and I have been working on getting the code in shape and in a state to commit to trunk. We are very close and I think it would certainly be good to start getting it exposure from the other devs to start flushing out issues and focus on stability.

So I am proposing that we commit the work soon even in light of the pending doc changes. Certainly we want to have all the docs in place before 2.2 but I think we can work on that in parallel while at the same time fixing bugs and stabilizing as we move toward 2.2.

Opinions?

-Justin


Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.

On Thu, Mar 29, 2012 at 7:25 AM, Justin Deoliveira <jdeolive@anonymised.com.1501…> wrote:

Hi all,

I wanted to restart up some discussion about pushing forward on geoserver 2.2 and the current security work that is pending. In terms of GSIP 71 the current feedback is mostly related to documentation work. On the user front the current docs are more of a reference guide and we need to add some more tutorial style docs oriented to users actually configuring the system in different authentication scenarios. On the developer front we need to add docs for the new interfaces and internal api, also adding some tutorials on how to add new types of authentication.

In terms of code christian and I have been working on getting the code in shape and in a state to commit to trunk. We are very close and I think it would certainly be good to start getting it exposure from the other devs to start flushing out issues and focus on stability.

So I am proposing that we commit the work soon even in light of the pending doc changes. Certainly we want to have all the docs in place before 2.2 but I think we can work on that in parallel while at the same time fixing bugs and stabilizing as we move toward 2.2.

Opinions?

Works for me. I just have a concern in terms of developer docs, not for the docs per se, the
questions were more about understanding what can be done developer wise, as a way to
review the interfaces that have been introduced.
Can you elaborate a bit more on the above without having to go and build docs?
One page summary, nothing crazy.

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf


On Wed, Mar 28, 2012 at 10:25 PM, Justin Deoliveira
<jdeolive@anonymised.com> wrote:

Hi all,

I wanted to restart up some discussion about pushing forward on geoserver
2.2 and the current security work that is pending. In terms of GSIP 71 the
current feedback is mostly related to documentation work. On the user front
the current docs are more of a reference guide and we need to add some more
tutorial style docs oriented to users actually configuring the system in
different authentication scenarios. On the developer front we need to add
docs for the new interfaces and internal api, also adding some tutorials on
how to add new types of authentication.

In terms of code christian and I have been working on getting the code in
shape and in a state to commit to trunk. We are very close and I think it
would certainly be good to start getting it exposure from the other devs to
start flushing out issues and focus on stability.

So I am proposing that we commit the work soon even in light of the pending
doc changes. Certainly we want to have all the docs in place before 2.2 but
I think we can work on that in parallel while at the same time fixing bugs
and stabilizing as we move toward 2.2.

Opinions?

No objections here.

-Justin

--
Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.

------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

--
Gabriel Roldan
OpenGeo - http://opengeo.org
Expert service straight from the developers.

Cool, that sounds good, I can definitely do that. Will add a page in the developer guide with some high level stuff about the new interfaces.

On Thu, Mar 29, 2012 at 3:18 AM, Andrea Aime <andrea.aime@…1268…> wrote:

On Thu, Mar 29, 2012 at 7:25 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

Hi all,

I wanted to restart up some discussion about pushing forward on geoserver 2.2 and the current security work that is pending. In terms of GSIP 71 the current feedback is mostly related to documentation work. On the user front the current docs are more of a reference guide and we need to add some more tutorial style docs oriented to users actually configuring the system in different authentication scenarios. On the developer front we need to add docs for the new interfaces and internal api, also adding some tutorials on how to add new types of authentication.

In terms of code christian and I have been working on getting the code in shape and in a state to commit to trunk. We are very close and I think it would certainly be good to start getting it exposure from the other devs to start flushing out issues and focus on stability.

So I am proposing that we commit the work soon even in light of the pending doc changes. Certainly we want to have all the docs in place before 2.2 but I think we can work on that in parallel while at the same time fixing bugs and stabilizing as we move toward 2.2.

Opinions?

Works for me. I just have a concern in terms of developer docs, not for the docs per se, the
questions were more about understanding what can be done developer wise, as a way to
review the interfaces that have been introduced.
Can you elaborate a bit more on the above without having to go and build docs?
One page summary, nothing crazy.

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf



Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.

Here is my first crack at some developer docs for the security stuff. Let me know if this is what you had in mind.

http://echobase.opengeo.org/~jdeolive/geoserver_dev_docs/programming-guide/security/index.html

-Justin

On Thu, Mar 29, 2012 at 9:54 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

Cool, that sounds good, I can definitely do that. Will add a page in the developer guide with some high level stuff about the new interfaces.

On Thu, Mar 29, 2012 at 3:18 AM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Thu, Mar 29, 2012 at 7:25 AM, Justin Deoliveira <jdeolive@anonymised.com…> wrote:

Hi all,

I wanted to restart up some discussion about pushing forward on geoserver 2.2 and the current security work that is pending. In terms of GSIP 71 the current feedback is mostly related to documentation work. On the user front the current docs are more of a reference guide and we need to add some more tutorial style docs oriented to users actually configuring the system in different authentication scenarios. On the developer front we need to add docs for the new interfaces and internal api, also adding some tutorials on how to add new types of authentication.

In terms of code christian and I have been working on getting the code in shape and in a state to commit to trunk. We are very close and I think it would certainly be good to start getting it exposure from the other devs to start flushing out issues and focus on stability.

So I am proposing that we commit the work soon even in light of the pending doc changes. Certainly we want to have all the docs in place before 2.2 but I think we can work on that in parallel while at the same time fixing bugs and stabilizing as we move toward 2.2.

Opinions?

Works for me. I just have a concern in terms of developer docs, not for the docs per se, the
questions were more about understanding what can be done developer wise, as a way to
review the interfaces that have been introduced.
Can you elaborate a bit more on the above without having to go and build docs?
One page summary, nothing crazy.

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf



Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.


Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.

On Sun, Apr 1, 2012 at 2:25 AM, Justin Deoliveira <jdeolive@anonymised.com1501…> wrote:

Here is my first crack at some developer docs for the security stuff. Let me know if this is what you had in mind.

http://echobase.opengeo.org/~jdeolive/geoserver_dev_docs/programming-guide/security/index.html

Yep. Wow, it’s actually more complex than I thought.
Will there be a GUI to configure all of this?
For example, how does one disable the “default” user provider
and have only the ldap one?

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf


On Sun, Apr 1, 2012 at 8:13 AM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Sun, Apr 1, 2012 at 2:25 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

Here is my first crack at some developer docs for the security stuff. Let me know if this is what you had in mind.

http://echobase.opengeo.org/~jdeolive/geoserver_dev_docs/programming-guide/security/index.html

Yep. Wow, it’s actually more complex than I thought.
Will there be a GUI to configure all of this?

Yup, everything discussed is configurable through the ui and the ui has been documented, although there are still a few todos left.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/webadmin/security/index.html

For example, how does one disable the “default” user provider
and have only the ldap one?

The docs above are kind of reference style, and perhaps not super helpful from a total beginners standpoint which is why we have started on some tutorials for more directed task, like for instance, how do I configure ldap? Here is the start of that tutorial, still needs some polish.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/security/tutorials/ldap/index.html

Again the hope is to get the work committed asap and continue to improve documentation in parallel while we move toward 2.2.

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf



Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.

Big work Justin,

+1

2012/4/2 Justin Deoliveira <jdeolive@anonymised.com>

On Sun, Apr 1, 2012 at 8:13 AM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Sun, Apr 1, 2012 at 2:25 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

Here is my first crack at some developer docs for the security stuff. Let me know if this is what you had in mind.

http://echobase.opengeo.org/~jdeolive/geoserver_dev_docs/programming-guide/security/index.html

Yep. Wow, it’s actually more complex than I thought.
Will there be a GUI to configure all of this?

Yup, everything discussed is configurable through the ui and the ui has been documented, although there are still a few todos left.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/webadmin/security/index.html

For example, how does one disable the “default” user provider
and have only the ldap one?

The docs above are kind of reference style, and perhaps not super helpful from a total beginners standpoint which is why we have started on some tutorials for more directed task, like for instance, how do I configure ldap? Here is the start of that tutorial, still needs some polish.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/security/tutorials/ldap/index.html

Again the hope is to get the work committed asap and continue to improve documentation in parallel while we move toward 2.2.

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf



Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.


This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure


Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel


Francesco Izzi
CNR - IMAA
geoSDI
Direzione Tecnologie e Sviluppo

C.da S. Loja
85050 Tito Scalo - POTENZA (PZ)
Italia

phone: +39 0971427305
fax: +39 0971 427271
mob: +39 3203126609
mail: francesco.izzi@anonymised.com
skype: neofx8080

web: http://www.geosdi.org

On Mon, Apr 2, 2012 at 4:27 AM, Justin Deoliveira <jdeolive@anonymised.com1501…> wrote:

On Sun, Apr 1, 2012 at 8:13 AM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Sun, Apr 1, 2012 at 2:25 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

Here is my first crack at some developer docs for the security stuff. Let me know if this is what you had in mind.

http://echobase.opengeo.org/~jdeolive/geoserver_dev_docs/programming-guide/security/index.html

Yep. Wow, it’s actually more complex than I thought.
Will there be a GUI to configure all of this?

Yup, everything discussed is configurable through the ui and the ui has been documented, although there are still a few todos left.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/webadmin/security/index.html

For example, how does one disable the “default” user provider
and have only the ldap one?

The docs above are kind of reference style, and perhaps not super helpful from a total beginners standpoint which is why we have started on some tutorials for more directed task, like for instance, how do I configure ldap? Here is the start of that tutorial, still needs some polish.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/security/tutorials/ldap/index.html

Again the hope is to get the work committed asap and continue to improve documentation in parallel while we move toward 2.2.

Nice, go ahead :slight_smile:

Btw, the acme jar* is not available for download from the page it seems

Cheers
Andrea

PS: I always find it amazing how acme can be busy with ldap servers,
jet packs, cannons, flying machines in general and … well, pretty much
everything. They must have some great minds in there!

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf


On Mon, Apr 2, 2012 at 5:35 AM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Mon, Apr 2, 2012 at 4:27 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

On Sun, Apr 1, 2012 at 8:13 AM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Sun, Apr 1, 2012 at 2:25 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:

Here is my first crack at some developer docs for the security stuff. Let me know if this is what you had in mind.

http://echobase.opengeo.org/~jdeolive/geoserver_dev_docs/programming-guide/security/index.html

Yep. Wow, it’s actually more complex than I thought.
Will there be a GUI to configure all of this?

Yup, everything discussed is configurable through the ui and the ui has been documented, although there are still a few todos left.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/webadmin/security/index.html

For example, how does one disable the “default” user provider
and have only the ldap one?

The docs above are kind of reference style, and perhaps not super helpful from a total beginners standpoint which is why we have started on some tutorials for more directed task, like for instance, how do I configure ldap? Here is the start of that tutorial, still needs some polish.

http://echobase.opengeo.org/~jdeolive/geoserver_user_docs/security/tutorials/ldap/index.html

Again the hope is to get the work committed asap and continue to improve documentation in parallel while we move toward 2.2.

Nice, go ahead :slight_smile:

Btw, the acme jar* is not available for download from the page it seems

Cool, thanks. And right… need to get that jar uploaded. On the todo list.

Cheers
Andrea

PS: I always find it amazing how acme can be busy with ldap servers,
jet packs, cannons, flying machines in general and … well, pretty much
everything. They must have some great minds in there!

Haha… indeed. They really know to make some good products over there… my favorite is the 1000lb anvil :slight_smile:

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf



Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.