[Geoserver-devel] GeoTools / GeoServer Meeting 2014-01-21

Ben_Caradoc-Davies · January 21, 2014, 1:52pm

GeoTools / GeoServer Meeting 2014-01-21

Attending
---------

Ben Caradoc-Davies
Jukka Rahkonen
Andrea Aime
Alessio Fabiani
Jody Garnett

Agenda
------

- GeoTools 11-beta / GeoServer 2.5-beta / GWC 1.5.1
- GeoTools 10.4 / GeoServer 2.4.4
- Security subsystem feedback
- Wicket upgrade
- Code sprint
- Release schedule
- Locationtech
- New rasteriser

GeoTools 11-beta / GeoServer 2.5-beta / GWC 1.5.1 + GeoTools 10.4 / GeoServer 2.4.4
-------------------------------------------------

http://blog.geoserver.org/2014/01/21/geoserver-2-5-beta-released/
http://geotoolsnews.blogspot.com.au/2014/01/geotools-11-beta-released.html

- Thanks, Andrea!
- Master locked down for a month or so.
- Jody volunteered to do the next RC:
http://geoserver.org/display/GEOS/GeoTools+and+GeoServer+release+schedule
- Still looking for a volunteer for 2.4.5.

Security subsystem feedback
---------------------------

- Jody and Ben sharing experiences.
Ben's gripes (Puppet auto deployment):
- Security documentation sorely lacking.
- No RESTful API for security.
- File format documentation out of date.

Wicket upgrade
--------------

- Old version broken with modern browsers.
- They are now up to version 6, we are on 1.4.

Code sprint
-----------

- Code sprint? Perhaps weekend before foss4g

Release schedule
----------------

- Andrea's proposal: Release Schedule V2 (with PDF)
- one development branch, two stable (stable and LTS) with alternating releases

Locationtech
------------

- Jody looking at IP tickets, problems, early morning Thurday meeting
- vecmath problems
- other examples, removing classes

New rasteriser
--------------

- Andrea helping others work on a new rasteriser to replace Oracle closed source version.
- Removes scalability issues.
- Replaces part of JDK without having to install custom JDK, using -Xbootclasspath
- Without having to wait for Oracle.
- Andrea helped by doing the scalability testing and use of -Xbootclasspath
- Jody: please give a presentation
- Back in the game for performance shootouts.
- Andrea: almost doubled peak performance (FOSS4G 2010 benchmarks)
- Ben: beautiful IGN map from a few weeks ago?
- Andrea: IGN would not give data but offered a blog post; they used a large array of SLDs, labels placed with long computations using proprietary preprocessing tools, GeoServer for coarse labelling

--
Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com>
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

Justin_Deoliveira · January 21, 2014, 2:56pm

Apologies for my lack of attendance once again. It looks like making the meeting while not on daylight savings time isn’t really doable for me. I know Ben and Jody have to attend the meeting late in their day so out of respect for them feel free to change the meeting time to something that works better for them.

···

On Tue, Jan 21, 2014 at 6:52 AM, <Ben.Caradoc-Davies@anonymised.com> wrote:

GeoTools / GeoServer Meeting 2014-01-21

Attending

Ben Caradoc-Davies
Jukka Rahkonen
Andrea Aime
Alessio Fabiani
Jody Garnett

Agenda

GeoTools 11-beta / GeoServer 2.5-beta / GWC 1.5.1

GeoTools 10.4 / GeoServer 2.4.4

Security subsystem feedback

Wicket upgrade

Code sprint

Release schedule

Locationtech

New rasteriser

GeoTools 11-beta / GeoServer 2.5-beta / GWC 1.5.1 + GeoTools 10.4 / GeoServer 2.4.4

http://blog.geoserver.org/2014/01/21/geoserver-2-5-beta-released/
http://geotoolsnews.blogspot.com.au/2014/01/geotools-11-beta-released.html

Thanks, Andrea!

Master locked down for a month or so.

Jody volunteered to do the next RC:
http://geoserver.org/display/GEOS/GeoTools+and+GeoServer+release+schedule

Still looking for a volunteer for 2.4.5.

Security subsystem feedback

Jody and Ben sharing experiences.
Ben’s gripes (Puppet auto deployment):

Security documentation sorely lacking.

No RESTful API for security.

File format documentation out of date.

Wicket upgrade

Old version broken with modern browsers.

They are now up to version 6, we are on 1.4.

Code sprint

Code sprint? Perhaps weekend before foss4g

Release schedule

Andrea’s proposal: Release Schedule V2 (with PDF)

one development branch, two stable (stable and LTS) with alternating releases

Locationtech

Jody looking at IP tickets, problems, early morning Thurday meeting

vecmath problems

other examples, removing classes

New rasteriser

Andrea helping others work on a new rasteriser to replace Oracle closed source version.

Removes scalability issues.

Replaces part of JDK without having to install custom JDK, using -Xbootclasspath

Without having to wait for Oracle.

Andrea helped by doing the scalability testing and use of -Xbootclasspath

Jody: please give a presentation

Back in the game for performance shootouts.

Andrea: almost doubled peak performance (FOSS4G 2010 benchmarks)

Ben: beautiful IGN map from a few weeks ago?

Andrea: IGN would not give data but offered a blog post; they used a large array of SLDs, labels placed with long computations using proprietary preprocessing tools, GeoServer for coarse labelling

–
Ben Caradoc-Davies Ben.Caradoc-Davies@anonymised.com
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk

Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

–

Justin Deoliveira
Vice President, Engineering | Boundless
jdeolive@anonymised.com
@j_deolive

Ben_Caradoc-Davies · January 22, 2014, 1:02am

No worries, Justin. 06:00 is a pretty brutal start for a morning meeting!

On 21/01/14 22:56, Justin Deoliveira wrote:

Apologies for my lack of attendance once again. It looks like making the
meeting while not on daylight savings time isn't really doable for me. I
know Ben and Jody have to attend the meeting late in their day so out of
respect for them feel free to change the meeting time to something that
works better for them.

--
Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com>
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

Christian_Mueller · January 22, 2014, 2:18pm

Hi all, some comments about the security subsystem

I am quite unlucky with the situation too. The problem is that funding has stopped abruptly and unexpectedly. (Like a sudden death in ice hockey). I had a part time contract for 20 hours each weak and I was in the situation to push this work.

Reworking the security documentation is quite time consuming and I can do it only in my spare time. I dont even want to think about the REST interface. And of course, I have to do paid work first.

Ben, can you tell me which file formats you are meaning.

Sorry for the inconvenience.

Christian

···

On Wed, Jan 22, 2014 at 2:02 AM, Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com> wrote:

No worries, Justin. 06:00 is a pretty brutal start for a morning meeting!

On 21/01/14 22:56, Justin Deoliveira wrote:

Apologies for my lack of attendance once again. It looks like making the
meeting while not on daylight savings time isn’t really doable for me. I
know Ben and Jody have to attend the meeting late in their day so out of
respect for them feel free to change the meeting time to something that
works better for them.

–
Ben Caradoc-Davies Ben.Caradoc-Davies@anonymised.com
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk

Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

jive · January 22, 2014, 5:25pm

We can also say this in a positive fashion, the security subsystem is great and can be made a great deal more accessible.
My main feedback is that he user interface matches the code, rather than what users are trying to do.

···

Jody Garnett

On Thu, Jan 23, 2014 at 1:18 AM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi all, some comments about the security subsystem

I am quite unlucky with the situation too. The problem is that funding has stopped abruptly and unexpectedly. (Like a sudden death in ice hockey). I had a part time contract for 20 hours each weak and I was in the situation to push this work.

Reworking the security documentation is quite time consuming and I can do it only in my spare time. I dont even want to think about the REST interface. And of course, I have to do paid work first.

Ben, can you tell me which file formats you are meaning.

Sorry for the inconvenience.

Christian

CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk

Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

On Wed, Jan 22, 2014 at 2:02 AM, Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com> wrote:

No worries, Justin. 06:00 is a pretty brutal start for a morning meeting!

On 21/01/14 22:56, Justin Deoliveira wrote:

Apologies for my lack of attendance once again. It looks like making the
meeting while not on daylight savings time isn’t really doable for me. I
know Ben and Jody have to attend the meeting late in their day so out of
respect for them feel free to change the meeting time to something that
works better for them.

–
Ben Caradoc-Davies Ben.Caradoc-Davies@anonymised.com
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk

Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Ben_Caradoc-Davies · January 23, 2014, 2:09am

Thanks, Christian. The security functionality is great!

Small improvements to the documentation would help. A simple use case that we encountered was changing the administrator password as part of a puppet-based automatic deployment of a public-facing geoserver instance. The documentation currently refers to masterpw.info, which we could not find and which, when created, was not used. Monitoring filesystem changes when the administrator password was changed ("find data/security -mmin -1") allowed us to locate the XML containing the serialised administrator password:

security/usergroups/default/users.xml

To change the administrator password to (for example) "s3cr3t", in the deployment process we changed the "user" element to:

The security documentation was a great help as it described the plain password scheme:
http://docs.geoserver.org/latest/en/user/security/passwd.html#plain-text

This technique would also help the common case of a forgotten administrator password.

Kind regards,
Ben.

On 22/01/14 22:18, Christian Mueller wrote:

Hi all, some comments about the security subsystem

I am quite unlucky with the situation too. The problem is that funding
has stopped abruptly and unexpectedly. (Like a sudden death in ice
hockey). I had a part time contract for 20 hours each weak and I was in
the situation to push this work.

Reworking the security documentation is quite time consuming and I can
do it only in my spare time. I dont even want to think about the REST
interface. And of course, I have to do paid work first.

Ben, can you tell me which file formats you are meaning.

Sorry for the inconvenience.

Christian

--
Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com>
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

Ben_Caradoc-Davies · January 23, 2014, 3:52am

For some of us, xml files *are* the user interface.

On 23/01/14 01:25, Jody Garnett wrote:

My main feedback is that he user interface matches the code, rather than
what users are trying to do.

--
Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com>
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

[Geoserver-devel] GeoTools / GeoServer Meeting 2014-01-21

GeoTools / GeoServer Meeting 2014-01-21

GeoTools / GeoServer Meeting 2014-01-21

Attending

Agenda

GeoTools 11-beta / GeoServer 2.5-beta / GWC 1.5.1 + GeoTools 10.4 / GeoServer 2.4.4

Security subsystem feedback

Wicket upgrade

Code sprint

Release schedule

Locationtech

New rasteriser

– Ben Caradoc-Davies Ben.Caradoc-Davies@anonymised.com Software Engineer CSIRO Earth Science and Resource Engineering Australian Resources Research Centre

–
Ben Caradoc-Davies Ben.Caradoc-Davies@anonymised.com
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre