Hi,
My name is Firas El Khalil, I'm a PhD candidate at the University of
French Polynesia, and currently working on geographic inforlation
security.
Excuse me if I'm posting at the wrong mailing list, but I really
couldn't find any other place to interact with developers. If there
exists another place to address my problem please point me to it
I am going for a fast implementation of an access control model for
geographic information (and that's something that I didn't personally
worked on, but we need a prototype in the lab asap), but the problem is
I can't get to understand how would I implement it with geoserver. The
documentation didn't help me a lot.
So first of all, let me explain what I have in mind:
-I want to use OpenLayers to access my geroserver (server, hereafter).
-The request should be
-intercepted by my module
-forwarded for the server
-The server's response is intercepted by my module
-My module will:
-apply various access control policies on data intercepted from the
request interception phase
-the identify identify actions to be taken on data returned by the
response interception phase
-apply modifications
-return the result to OpenLayers
I will be working mainly on vector data.
Maybe what I have is completely inefficient or maybe unattainable with
geoserver. I hope you've got the idea.
Keep in mind that it's a prototype and not an integration solution, so
I'm looking for something relatively simple. Anyhow, I'm open to all
suggestions.
Thank you in advance.
--
Firas Al Khalil
Doctorant en Informatique
Laboratoire GePaSUD
Université de la Polynésie Française
email: firas.khalil@anonymised.com
On Thu, Mar 22, 2012 at 2:34 AM, Firas El Khalil <firas.khalil@anonymised.com> wrote:
Hi,
My name is Firas El Khalil, I’m a PhD candidate at the University of
French Polynesia, and currently working on geographic inforlation
security.
Excuse me if I’m posting at the wrong mailing list, but I really
couldn’t find any other place to interact with developers. If there
exists another place to address my problem please point me to it
I am going for a fast implementation of an access control model for
geographic information (and that’s something that I didn’t personally
worked on, but we need a prototype in the lab asap), but the problem is
I can’t get to understand how would I implement it with geoserver. The
documentation didn’t help me a lot.
So first of all, let me explain what I have in mind:
-I want to use OpenLayers to access my geroserver (server, hereafter).
-The request should be
-intercepted by my module
-forwarded for the server
-The server’s response is intercepted by my module
-My module will:
-apply various access control policies on data intercepted from the
request interception phase
-the identify identify actions to be taken on data returned by the
response interception phase
-apply modifications
-return the result to OpenLayers
I will be working mainly on vector data.
Maybe what I have is completely inefficient or maybe unattainable with
geoserver. I hope you’ve got the idea.
Keep in mind that it’s a prototype and not an integration solution, so
I’m looking for something relatively simple. Anyhow, I’m open to all
suggestions.
You should probably look at this paper:
http://demo.geo-solutions.it/share/securing_geoserver.pdf
and I guess what you are trying to do is already available as open source
(both in the proxy version and the integrated version, if you get the source
version, the released version I think it’s just a proxy):
http://istgeo.ist.supsi.ch/site/projects/geoshield
Here you can find a description of a bit more sophisticated integrated security
subsystem too, whose sources are not available though:
http://geo-solutions.blogspot.it/2011/05/preview-georepository-advanced.html
Cheers
Andrea
–
Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549
http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf
On Sun, 2012-03-25 at 10:06 +0200, Andrea Aime wrote:
On Thu, Mar 22, 2012 at 2:34 AM, Firas El Khalil <firas.khalil@anonymised.com>
wrote:
Hi,
My name is Firas El Khalil, I'm a PhD candidate at the
University of
French Polynesia, and currently working on geographic
inforlation
security.
Excuse me if I'm posting at the wrong mailing list, but I
really
couldn't find any other place to interact with developers. If
there
exists another place to address my problem please point me to
it
I am going for a fast implementation of an access control
model for
geographic information (and that's something that I didn't
personally
worked on, but we need a prototype in the lab asap), but the
problem is
I can't get to understand how would I implement it with
geoserver. The
documentation didn't help me a lot.
So first of all, let me explain what I have in mind:
-I want to use OpenLayers to access my geroserver (server,
hereafter).
-The request should be
-intercepted by my module
-forwarded for the server
-The server's response is intercepted by my module
-My module will:
-apply various access control policies on data
intercepted from the
request interception phase
-the identify identify actions to be taken on data
returned by the
response interception phase
-apply modifications
-return the result to OpenLayers
I will be working mainly on vector data.
Maybe what I have is completely inefficient or maybe
unattainable with
geoserver. I hope you've got the idea.
Keep in mind that it's a prototype and not an integration
solution, so
I'm looking for something relatively simple. Anyhow, I'm open
to all
suggestions.
You should probably look at this paper:
http://demo.geo-solutions.it/share/securing_geoserver.pdf
and I guess what you are trying to do is already available as open
source
(both in the proxy version and the integrated version, if you get the
source
version, the released version I think it's just a proxy):
http://istgeo.ist.supsi.ch/site/projects/geoshield
Here you can find a description of a bit more sophisticated integrated
security
subsystem too, whose sources are not available though:
http://geo-solutions.blogspot.it/2011/05/preview-georepository-advanced.html
Cheers
Andrea
--
-------------------------------------------------------
Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 339 8844549
http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf
-------------------------------------------------------
Thanks a lot.
The thing is we're implementing a new access control model, you can
think about it as RBAC on steroids
Hoping that your sources could help me.
cheers,
--
Firas Al Khalil
Doctorant en Informatique
Laboratoire GePaSUD
Université de la Polynésie Française
email: firas.khalil@anonymised.com