[Geoserver-devel] New security subsystem in (now can I have feedback, pretty please?) :-)

Hi,
the new security subsystem has been merged onto trunk.
You can find some documentation about it here:
http://docs.codehaus.org/display/GEOSDEV/Geoserver+security+implementation%2C+initial+version

Now, the initial implementaion is sure a step forward, yet
it's incomplete in many ways:
* lack of SSL support. This should be easy to add thought, at
least for the web console, yet I'm not sure how we should allow configuration of SSL on the service/data level (that is, how do you
specify a certain data/service combination has to be run on SSL).
* lack of data security. This would be relatively straigthforward
   to support too is we limited ourselves to a configuratoin like:
   namespace + data + role -> (read/write allowed or not)
   which could be easily expressed in another proprerty file.
   Yet, we would leave outside the possibily to hide just certain
   features, or certain attributes. That would definitely push
   us beyond the simple property file thought, an XML of some sort
   would be needed.
* passwords are kept in cleartext (just like before), but it would
   be better to keep them encrypted instead. We would need an UI for
   this.

So, most of the stuff we could add boils down to more config or
more UI, two subsystems we're going to change soon (and no, I
won't make an UI for those property files in Struts unless OpenPlans
orders me to do so, ok? :slight_smile: )

Soo... how are we going to approach this? I'm open to suggestions.
Cheers
Andrea