Hi,
a few days ago I proposed a new GeoTools community module that implements
a client (data store) for the Simple Feature Service
(http://geo-solutions.blogspot.com/2010/11/simplefeatureservice-yet-another.html).
One of the reactions was that there is no open source implementation
of the server
side. Not good in fact.
However, the protocol is meant to be quick and easy to implement, so yesterday
I gave it a crack and after a few hours I had a seemingly working implementation
built on top of GeoServer rest module and gt-geojson (seemingly
because atm I still did not
have the time to put the store and the server side togheter for a test drive,
and it has no tests at all, but it was working as expected with the few test
requests I made in a browser).
I propose to add this module to GeoServer as a community module for the time
being. Eventually I'll add tests and hopefully start gathering some tech
feedback on the protocol itself (there are a few things that I'm not
too happy about in the
protocol, but I'll leave them there, so that I can see if anyone is
actually looking
seriously at it and reporting them back ;-p )
Ah, one thing, the protocol is not meant for admin types yet
everything in GeoServer
rest is locked down so that only the admin can use it.
Seems like a little excessive to me. I know we can configure the rest security
to behave differently by changing a rest.properties file, but is there any way
to put a service out that makes it unsecured by default, instead of
admin only by default?
(just like wms and wfs are in fact?)
Cheers
Andrea
-----------------------------------------------------
Ing. Andrea Aime
Senior Software Engineer
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
As for not locking it down by default I agree we should not. It should be doable i believe if we add the new service under a different path than “rest” (which is now possible on trunk without editing web.xml). Something like “/sfs” perhaps?
I think then the security config that engates for rest will skip it … (i am not actually 100% sure of this).
Hi,
a few days ago I proposed a new GeoTools community module that implements
a client (data store) for the Simple Feature Service
(http://geo-solutions.blogspot.com/2010/11/simplefeatureservice-yet-another.html).
One of the reactions was that there is no open source implementation
of the server
side. Not good in fact.
However, the protocol is meant to be quick and easy to implement, so yesterday
I gave it a crack and after a few hours I had a seemingly working implementation
built on top of GeoServer rest module and gt-geojson (seemingly
because atm I still did not
have the time to put the store and the server side togheter for a test drive,
and it has no tests at all, but it was working as expected with the few test
requests I made in a browser).
I propose to add this module to GeoServer as a community module for the time
being. Eventually I’ll add tests and hopefully start gathering some tech
feedback on the protocol itself (there are a few things that I’m not
too happy about in the
protocol, but I’ll leave them there, so that I can see if anyone is
actually looking
seriously at it and reporting them back ;-p )
Ah, one thing, the protocol is not meant for admin types yet
everything in GeoServer
rest is locked down so that only the admin can use it.
Seems like a little excessive to me. I know we can configure the rest security
to behave differently by changing a rest.properties file, but is there any way
to put a service out that makes it unsecured by default, instead of
admin only by default?
(just like wms and wfs are in fact?)
Cheers
Andrea
Ing. Andrea Aime
Senior Software Engineer
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
What happens now with your Lotus Notes apps - do you make another costly
upgrade, or settle for being marooned without product support? Time to move
off Lotus Notes and onto the cloud with Force.com, apps are easier to build,
use, and manage than apps on traditional platforms. Sign up for the Lotus
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
+1 on the new module. Good luck solving the security conundrum.
On 06/12/10 19:48, Andrea Aime wrote:
Hi,
a few days ago I proposed a new GeoTools community module that implements
a client (data store) for the Simple Feature Service
(http://geo-solutions.blogspot.com/2010/11/simplefeatureservice-yet-another.html).
One of the reactions was that there is no open source implementation
of the server
side. Not good in fact.
However, the protocol is meant to be quick and easy to implement, so yesterday
I gave it a crack and after a few hours I had a seemingly working implementation
built on top of GeoServer rest module and gt-geojson (seemingly
because atm I still did not
have the time to put the store and the server side togheter for a test drive,
and it has no tests at all, but it was working as expected with the few test
requests I made in a browser).
I propose to add this module to GeoServer as a community module for the time
being. Eventually I'll add tests and hopefully start gathering some tech
feedback on the protocol itself (there are a few things that I'm not
too happy about in the
protocol, but I'll leave them there, so that I can see if anyone is
actually looking
seriously at it and reporting them back ;-p )
Ah, one thing, the protocol is not meant for admin types yet
everything in GeoServer
rest is locked down so that only the admin can use it.
Seems like a little excessive to me. I know we can configure the rest security
to behave differently by changing a rest.properties file, but is there any way
to put a service out that makes it unsecured by default, instead of
admin only by default?
(just like wms and wfs are in fact?)
Cheers
Andrea
-----------------------------------------------------
Ing. Andrea Aime
Senior Software Engineer
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
------------------------------------------------------------------------------
What happens now with your Lotus Notes apps - do you make another costly
upgrade, or settle for being marooned without product support? Time to move
off Lotus Notes and onto the cloud with Force.com, apps are easier to build,
use, and manage than apps on traditional platforms. Sign up for the Lotus
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
--
Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com>
Software Engineering Team Leader
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre
it seems that we've captured one concern when dealing with another -
rest and configuration management are independent concepts, and we've
either applied policy to REST, where we want to apply it to config, or
we've named a config interface after the protocol. Worth fixing at
some stage - but if you want to keep backwards compatibility you want
to loosen the security on the REST interface, to apply separate
policies on different functions delivered by it.
Rob
On Tue, Dec 7, 2010 at 2:34 AM, Justin Deoliveira <jdeolive@anonymised.com> wrote:
+1 on the new module.
As for not locking it down by default I agree we should not. It should be
doable i believe if we add the new service under a different path than
"rest" (which is now possible on trunk without editing web.xml). Something
like "/sfs" perhaps?
I think then the security config that engates for rest will skip it ... (i
am not actually 100% sure of this).
-Justin
On Mon, Dec 6, 2010 at 4:48 AM, Andrea Aime <andrea.aime@anonymised.com>
wrote:
Hi,
a few days ago I proposed a new GeoTools community module that implements
a client (data store) for the Simple Feature Service
However, the protocol is meant to be quick and easy to implement, so
yesterday
I gave it a crack and after a few hours I had a seemingly working
implementation
built on top of GeoServer rest module and gt-geojson (seemingly
because atm I still did not
have the time to put the store and the server side togheter for a test
drive,
and it has no tests at all, but it was working as expected with the few
test
requests I made in a browser).
I propose to add this module to GeoServer as a community module for the
time
being. Eventually I'll add tests and hopefully start gathering some tech
feedback on the protocol itself (there are a few things that I'm not
too happy about in the
protocol, but I'll leave them there, so that I can see if anyone is
actually looking
seriously at it and reporting them back ;-p )
Ah, one thing, the protocol is not meant for admin types yet
everything in GeoServer
rest is locked down so that only the admin can use it.
Seems like a little excessive to me. I know we can configure the rest
security
to behave differently by changing a rest.properties file, but is there any
way
to put a service out that makes it unsecured by default, instead of
admin only by default?
(just like wms and wfs are in fact?)
Cheers
Andrea
-----------------------------------------------------
Ing. Andrea Aime
Senior Software Engineer
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
------------------------------------------------------------------------------
What happens now with your Lotus Notes apps - do you make another costly
upgrade, or settle for being marooned without product support? Time to
move
off Lotus Notes and onto the cloud with Force.com, apps are easier to
build,
use, and manage than apps on traditional platforms. Sign up for the Lotus
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
--
Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.
------------------------------------------------------------------------------
What happens now with your Lotus Notes apps - do you make another costly
upgrade, or settle for being marooned without product support? Time to move
off Lotus Notes and onto the cloud with Force.com, apps are easier to build,
use, and manage than apps on traditional platforms. Sign up for the Lotus
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
I propose to add this module to GeoServer as a community module for the time
being. Eventually I'll add tests and hopefully start gathering some tech
feedback on the protocol itself.
+1 And I think this will be a popular alternative to wfs/gml combo.