Hey-
I'd be interested to hear thoughts on an architecture proposal for GeoServer:
http://geoserver.org/display/GEOSDOC/GeoServer+Resources
This builds off of work that David Winslow has been doing and has written up here:
http://geoserver.org/display/GEOSDOC/RESTful+User+Management+API
http://geoserver.org/display/GEOSDOC/RESTful+Configuration+API
Though on the surface it may not appear that different, I've written it up as though GeoServer has a single web interface - not separating out an API from a user interface. There are also a few new ideas in there that I'm interested to hear feedback on.
1) I think it would be cool to think big picture style about how a data config API and user managment API fit in to the rest of GeoServer's web interface. Largely, this is about tucking things in the /api path - which suggests that there should be a different interface for non-programmed users. I like the idea that GeoServer exposes a number of resources through one interface on the web - and that the same interface is useful for humans and machines.
2) I think it makes sense to have one set of resources related to configuring data (workspaces) and one set related to publishing layers (maps). The name "workspaces" captures the meaning of a resource for the configuration of layer collections a bit better for me than "folders" - where that collection can be a database connection, a disk based folder, or a group of remote layers via an OGC service. Workspaces (places to configure data typically restricted to an administrator) are distinguished from maps (collections of published layers typically accessible by an anonymous user).
3) I know (I'm pretty sure) the idea of collecting layers together in "maps" would be a new feature for GeoServer. I think this idea is one that most users of ESRI products (ArcIMS or ArcGIS Server) and MapServer come to expect. In addition to having access to the resources in a map (layers, users, projections, styles) through a RESTful interface, GeoServer could provide OGC services based on maps. So http://host/geoserver/maps/political/layers would provide a list of layers in a political map and http://host/geoserver/maps/political?SERVICE=WMS&… would be a WMS endpoint.
4) I also don't know squat about auth/auth in GeoServer, but it seems to me like it would be pretty handy to expose a "groups" resource (and/or "roles") next to the users resource. Then every other resource (with the exception of individual features perhaps) could have a "permissions" resource that described how each group (or role) was limited by verb (get, post, put, delete) - with an option for inheritance from a parent resource. I may be naive, but that seems like a pretty nice way to control security.
5) We're currently doing some work on style configuration. I like the idea of having a collection of styles at /geoserver/styles and then assigning named styles to layers through the /geoserver/maps/<name>/layers/<name>/styles resource. The styles could have a short name for WMS (because those are unique in the /geoserver/styles collection) and could also be resolved by it's complete URL.
Thanks for any feedback.
Tim