[Geoserver-devel] proposal: Layer with Service Security

Hello Group,

There has been a request to allow a basic combination of layer and service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125---Layer-with-Service-Security

In summary, the proposal is to extend layer security to support service/operation specificity and leave the existing service security intact.
As you can see in the proposal there is still a discussion to be had as to how certain rules will interact, but I have made a suggestion for what I think is the most logical solution.

Please offer me your feedback.

Kind Regards
NIels

Ciao Niels,
we discussed this a little bit and there is some feedback I would like
to report fro me:

- In the motivation section you mention "It is currently possible to
accomplish this using a third party security subsystem". Well, we
contributed GeoFence to the GeoServer codebase hence is not really a
third party tool; we are about to ask the community to bring to
standard extension status (which means docs + more tests) as we have
currently more than 3 users relying on it and we have plans for
tighter integration in GeoServer.
- Given what I said above there is a clear duplication of efforts
ahead of us and I would like to hear a few words on how we can
mitigate it (especially since you have some knowledge of GeoFance) if
not resolve it.

I don't want to act as a showstopper but the proposal to be
accepatable from my side needs to addres my concerns above more
thoroughly.

Regards,
Simone Giannecchini

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Please, notice that GeoSolutions will be closed for seasonal holidays
from December the 24th to January the 6th

Ing. Simone Giannecchini
@simogeo
Founder/Director

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate.
Il loro utilizzo è consentito esclusivamente al destinatario del
messaggio, per le finalità indicate nel messaggio stesso. Qualora
riceviate questo messaggio senza esserne il destinatario, Vi preghiamo
cortesemente di darcene notizia via e-mail e di procedere alla
distruzione del messaggio stesso, cancellandolo dal Vostro sistema.
Conservare il messaggio stesso, divulgarlo anche in parte,
distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità
diverse, costituisce comportamento contrario ai principi dettati dal
D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely
for the attention and use of the named addressee(s) and may be
confidential or proprietary in nature or covered by the provisions of
privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New
Data Protection Code).Any use not in accord with its purpose, any
disclosure, reproduction, copying, distribution, or either
dissemination, either whole or partial, is strictly forbidden except
previous formal approval of the named addressee(s). If you are not the
intended recipient, please contact immediately the sender by
telephone, fax or e-mail and delete the information in this message
that has been received in error. The sender does not give any warranty
or accept liability as the content, accuracy or completeness of sent
messages and accepts no responsibility for changes made after they
were sent or for other risks which arise as a result of e-mail
transmission, viruses, etc.

On Tue, Jan 20, 2015 at 3:53 PM, Niels Charlier <niels@anonymised.com> wrote:

Hello Group,

There has been a request to allow a basic combination of layer and
service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125---Layer-with-Service-Security

In summary, the proposal is to extend layer security to support
service/operation specificity and leave the existing service security
intact.
As you can see in the proposal there is still a discussion to be had as
to how certain rules will interact, but I have made a suggestion for
what I think is the most logical solution.

Please offer me your feedback.

Kind Regards
NIels

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

This is interesting Niels - it has been a trouble in each training course I have done (communicating why security is split across service and layer).
I will read the proposal and get back to the list (I have been focused on the beta release).

···

On Tue, Jan 20, 2015 at 6:53 AM, Niels Charlier <niels@anonymised.com> wrote:

Hello Group,

There has been a request to allow a basic combination of layer and
service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125—Layer-with-Service-Security

In summary, the proposal is to extend layer security to support
service/operation specificity and leave the existing service security
intact.
As you can see in the proposal there is still a discussion to be had as
to how certain rules will interact, but I have made a suggestion for
what I think is the most logical solution.

Please offer me your feedback.

Kind Regards
NIels


New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet


Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel


Jody Garnett
Technical Lead | Boundless
jgarnett@anonymised.com
877-673-6436
@jodygarnett

On Wed, Jan 21, 2015 at 10:41 PM, Jody Garnett <jgarnett@anonymised.com>
wrote:

This is interesting Niels - it has been a trouble in each training course
I have done (communicating why security is split across service and layer).

As a curiosity, the implemention is done like this because of the
requirements we got back then, and the restricted funding allowed
to implement the authorization subsystem, it was way easier to implement
the two aspects of security separately, than
to to mix them togheter.

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

On Tue, Jan 20, 2015 at 3:53 PM, Niels Charlier <niels@anonymised.com> wrote:

Hello Group,

There has been a request to allow a basic combination of layer and
service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125---Layer-with-Service-Security

I'm very concerned about the suggested syntax and the mixing rules
interpretations,
the current design is significantly simpler and should not be broken.

The current rules use a simple "most specific rule wins" approach, which
can and
should be maintained.
The syntax should be:

workspace.layer[.service.request].r/w/a

The r/w/a should be maintained as knowing the request service and request
tells
you if the action is read/write/admin only in the common cases, but won't
work
for WPS processes, which can do pretty much all three operations inside.

So if someone writes something like this:

topp.states.r=ROLE_RESTRICTED
topp.states.wms.GetCapabilities.r=*
topp.states.wms.GetMap.r=*

It would mean that reading the topp:states layer is normally not allowed,
unless
one is using WMS GetCapabilities/GetMap.

It is also to be stressed in the proposal that the * cannot be placed
randomly,
if one starts with * everything after it must be a * too, as the
authorization subsystem
is hierarchical (see SecureTreeNode), it would not be able to match a rule
such as:

*.states.wms.GetMap.r=ROLE_WHATHEVER

This is the reason why we want to push GeoFence as a extension module,
with a possible future as a core module with a relationship with GeoServer
similar to the one with GeoWebCache (embedded by default, but usable
also outside), the IPTables paradigm used there might be harder
to parse for some (it is for me), but allows more general matches
to be expressed, there is no hierarchy restriction

Cheers
Andrea

PS: the proposal should say something about the GUI modifications too.

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

Hello Simone,

Some responses to your concerns.

I agree that the term "third party" is not applicable any longer to geofence, so I will change the text to more appropriately mention geofence as a proper extension that can be used as alternative.

I think geofence has a lot of value as a geoserver extension because it is much more advanced than the default security system and offers much more flexibility, the ability to connect to LDAP,..., and on top of it offers an easy to use GUI.

As I understand it geofence will become an integrated and supported extension of geoserver but remains to be optional; and users will still have the choice between the default text-based config system and the more advanced and flexible database driven geofence system.

It appears that there is a demand from people who wish to continue use the basic security config files but still wish to have the added basic flexibility of combining layer and service security.

Geofence of course already has this ability, and in that sense it is indeed a duplication of efforts, but as far as I can see we won't be in each other's way with our future efforts if geofence remains optional and the text-based security continues to exist. The way I see it this remains separate. Unless your plans of integration are not completely clear to me?

Kind Regards
Niels

On 21-01-15 19:52, Simone Giannecchini wrote:

Ciao Niels,
we discussed this a little bit and there is some feedback I would like
to report fro me:

- In the motivation section you mention "It is currently possible to
accomplish this using a third party security subsystem". Well, we
contributed GeoFence to the GeoServer codebase hence is not really a
third party tool; we are about to ask the community to bring to
standard extension status (which means docs + more tests) as we have
currently more than 3 users relying on it and we have plans for
tighter integration in GeoServer.
- Given what I said above there is a clear duplication of efforts
ahead of us and I would like to hear a few words on how we can
mitigate it (especially since you have some knowledge of GeoFance) if
not resolve it.

I don't want to act as a showstopper but the proposal to be
accepatable from my side needs to addres my concerns above more
thoroughly.

Regards,
Simone Giannecchini

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Please, notice that GeoSolutions will be closed for seasonal holidays
from December the 24th to January the 6th

Ing. Simone Giannecchini
@simogeo
Founder/Director

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate.
Il loro utilizzo è consentito esclusivamente al destinatario del
messaggio, per le finalità indicate nel messaggio stesso. Qualora
riceviate questo messaggio senza esserne il destinatario, Vi preghiamo
cortesemente di darcene notizia via e-mail e di procedere alla
distruzione del messaggio stesso, cancellandolo dal Vostro sistema.
Conservare il messaggio stesso, divulgarlo anche in parte,
distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità
diverse, costituisce comportamento contrario ai principi dettati dal
D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely
for the attention and use of the named addressee(s) and may be
confidential or proprietary in nature or covered by the provisions of
privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New
Data Protection Code).Any use not in accord with its purpose, any
disclosure, reproduction, copying, distribution, or either
dissemination, either whole or partial, is strictly forbidden except
previous formal approval of the named addressee(s). If you are not the
intended recipient, please contact immediately the sender by
telephone, fax or e-mail and delete the information in this message
that has been received in error. The sender does not give any warranty
or accept liability as the content, accuracy or completeness of sent
messages and accepts no responsibility for changes made after they
were sent or for other risks which arise as a result of e-mail
transmission, viruses, etc.

On Tue, Jan 20, 2015 at 3:53 PM, Niels Charlier <niels@anonymised.com> wrote:

Hello Group,

There has been a request to allow a basic combination of layer and
service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125---Layer-with-Service-Security

In summary, the proposal is to extend layer security to support
service/operation specificity and leave the existing service security
intact.
As you can see in the proposal there is still a discussion to be had as
to how certain rules will interact, but I have made a suggestion for
what I think is the most logical solution.

Please offer me your feedback.

Kind Regards
NIels

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

Hello Andrea,

I completely agree with your counterproposal. It solves some practical problems for me and makes it easier to understand for users. My mistake was that I saw service security as something completely separate from r/w/a security, but it is not.

I will modify the proposal.

Thanks.

Kind Regards
Niels

On 22-01-15 12:08, Andrea Aime wrote:

On Tue, Jan 20, 2015 at 3:53 PM, Niels Charlier <niels@anonymised.com <mailto:niels@anonymised.com>> wrote:

    Hello Group,

    There has been a request to allow a basic combination of layer and
    service security in the integrated geoserver security subsystem.
    I have made a proposal to that end:

    https://github.com/geoserver/geoserver/wiki/GSIP-125---Layer-with-Service-Security

I'm very concerned about the suggested syntax and the mixing rules interpretations,
the current design is significantly simpler and should not be broken.

The current rules use a simple "most specific rule wins" approach, which can and
should be maintained.
The syntax should be:

workspace.layer[.service.request].r/w/a

The r/w/a should be maintained as knowing the request service and request tells
you if the action is read/write/admin only in the common cases, but won't work
for WPS processes, which can do pretty much all three operations inside.

So if someone writes something like this:

topp.states.r=ROLE_RESTRICTED
topp.states.wms.GetCapabilities.r=*
topp.states.wms.GetMap.r=*

It would mean that reading the topp:states layer is normally not allowed, unless
one is using WMS GetCapabilities/GetMap.

It is also to be stressed in the proposal that the * cannot be placed randomly,
if one starts with * everything after it must be a * too, as the authorization subsystem
is hierarchical (see SecureTreeNode), it would not be able to match a rule such as:

*.states.wms.GetMap.r=ROLE_WHATHEVER

This is the reason why we want to push GeoFence as a extension module,
with a possible future as a core module with a relationship with GeoServer
similar to the one with GeoWebCache (embedded by default, but usable
also outside), the IPTables paradigm used there might be harder
to parse for some (it is for me), but allows more general matches
to be expressed, there is no hierarchy restriction

Cheers
Andrea

PS: the proposal should say something about the GUI modifications too.

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

-------------------------------------------------------

The proposal has now been changed. Please re-read it and place your comments!

On 20-01-15 15:53, Niels Charlier wrote:

Hello Group,

There has been a request to allow a basic combination of layer and
service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125---Layer-with-Service-Security

In summary, the proposal is to extend layer security to support
service/operation specificity and leave the existing service security
intact.
As you can see in the proposal there is still a discussion to be had as
to how certain rules will interact, but I have made a suggestion for
what I think is the most logical solution.

Please offer me your feedback.

Kind Regards
NIels

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

Hi Niels,
still does not say anything about UI security changes?

Cheers
Andrea

···

On Fri, Jan 23, 2015 at 2:11 PM, Niels Charlier <niels@anonymised.com> wrote:

The proposal has now been changed. Please re-read it and place your
comments!

On 20-01-15 15:53, Niels Charlier wrote:

Hello Group,

There has been a request to allow a basic combination of layer and
service security in the integrated geoserver security subsystem.
I have made a proposal to that end:

https://github.com/geoserver/geoserver/wiki/GSIP-125—Layer-with-Service-Security

In summary, the proposal is to extend layer security to support
service/operation specificity and leave the existing service security
intact.
As you can see in the proposal there is still a discussion to be had as
to how certain rules will interact, but I have made a suggestion for
what I think is the most logical solution.

Please offer me your feedback.

Kind Regards
NIels


New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet


Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel


New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet


Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

==

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


On Fri, Jan 23, 2015 at 2:11 PM, Niels Charlier <niels@anonymised.com> wrote:

The proposal has now been changed. Please re-read it and place your
comments!

And oh, also, I'd say it's important to clarify that a potentially common
request,
to apply service specific rules on a per workspace basis, is going to be
impossible,
because they would break the hierarchical approach:

topp.*.wms.*.r=*
topp.*.wfs.*.r=ROLE1

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

done

On 23-01-15 14:21, Andrea Aime wrote:

On Fri, Jan 23, 2015 at 2:11 PM, Niels Charlier <niels@anonymised.com <mailto:niels@anonymised.com>> wrote:

    The proposal has now been changed. Please re-read it and place your
    comments!

And oh, also, I'd say it's important to clarify that a potentially common request,
to apply service specific rules on a per workspace basis, is going to be impossible,
because they would break the hierarchical approach:

topp.*.wms.*.r=*
topp.*.wfs.*.r=ROLE1

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

-------------------------------------------------------

On 23-01-15 14:19, Andrea Aime wrote:

Hi Niels,
still does not say anything about UI security changes?

Sorry, it sounds as if you are referring to something that was mentioned before but I cannot find this.
If you mean the geoserver admin UI, indeed it would have to be updated accordingly.
org.geoserver.security.web.data.NewDataAccessRulePage will need to additional drop down boxes.

Cheers
Niels

On Fri, Jan 23, 2015 at 3:47 PM, Niels Charlier <niels@anonymised.com> wrote:

On 23-01-15 14:19, Andrea Aime wrote:

Hi Niels,
still does not say anything about UI security changes?

Sorry, it sounds as if you are referring to something that was mentioned

before but I cannot find this.
If you mean the geoserver admin UI, indeed it would have to be updated
accordingly.
org.geoserver.security.web.data.NewDataAccessRulePage will need to
additional drop down boxes.

Yes, that's what I mean, it should be mentioned in the proposal too (even
just a sentence, or a mockup if you
feel like to).

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

Hi Niels

Is there a relationship to https://github.com/geoserver/geoserver/wiki/GSIP-120

I am still working on it.

Christian

···

On Fri, Jan 23, 2015 at 3:50 PM, Andrea Aime <andrea.aime@anonymised.com> wrote:


New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet


Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

On Fri, Jan 23, 2015 at 3:47 PM, Niels Charlier <niels@anonymised.com> wrote:

On 23-01-15 14:19, Andrea Aime wrote:

Hi Niels,
still does not say anything about UI security changes?

Sorry, it sounds as if you are referring to something that was mentioned before but I cannot find this.
If you mean the geoserver admin UI, indeed it would have to be updated accordingly.
org.geoserver.security.web.data.NewDataAccessRulePage will need to additional drop down boxes.

Yes, that’s what I mean, it should be mentioned in the proposal too (even just a sentence, or a mockup if you
feel like to).

Cheers

Andrea

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

==

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Hi Christian,

I see the rules are encoded as string that is parsed by the same parser as the text files (correct if I am wrong?) so I should not be making your job any harder.

Regards
Niels

On 23-01-15 16:11, Christian Mueller wrote:

Hi Niels

Is there a relationship to https://github.com/geoserver/geoserver/wiki/GSIP-120

I am still working on it.

Christian

On Fri, Jan 23, 2015 at 3:50 PM, Andrea Aime <andrea.aime@anonymised.com <mailto:andrea.aime@anonymised.com>> wrote:

    On Fri, Jan 23, 2015 at 3:47 PM, Niels Charlier <niels@anonymised.com
    <mailto:niels@anonymised.com>> wrote:

        On 23-01-15 14:19, Andrea Aime wrote:

            Hi Niels,
            still does not say anything about UI security changes?

        Sorry, it sounds as if you are referring to something that was
        mentioned before but I cannot find this.
        If you mean the geoserver admin UI, indeed it would have to be
        updated accordingly.
        org.geoserver.security.web.data.NewDataAccessRulePage will
        need to additional drop down boxes.

    Yes, that's what I mean, it should be mentioned in the proposal
    too (even just a sentence, or a mockup if you
    feel like to).

    Cheers
    Andrea

    -- ==
    GeoServer Professional Services from the experts! Visit
    http://goo.gl/NWWaa2 for more information.
    ==

    Ing. Andrea Aime
    @geowolf
    Technical Lead

    GeoSolutions S.A.S.
    Via Poggio alle Viti 1187
    55054 Massarosa (LU)
    Italy
    phone: +39 0584 962313 <tel:%2B39%200584%20962313>
    fax: +39 0584 1660272 <tel:%2B39%200584%201660272>
    mob: +39 339 8844549 <tel:%2B39%20%C2%A0339%208844549>

    http://www.geo-solutions.it
    http://twitter.com/geosolutions_it

    *AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

    Le informazioni contenute in questo messaggio di posta elettronica
    e/o nel/i file/s allegato/i sono da considerarsi strettamente
    riservate. Il loro utilizzo è consentito esclusivamente al
    destinatario del messaggio, per le finalità indicate nel messaggio
    stesso. Qualora riceviate questo messaggio senza esserne il
    destinatario, Vi preghiamo cortesemente di darcene notizia via
    e-mail e di procedere alla distruzione del messaggio stesso,
    cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
    divulgarlo anche in parte, distribuirlo ad altri soggetti,
    copiarlo, od utilizzarlo per finalità diverse, costituisce
    comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

    The information in this message and/or attachments, is intended
    solely for the attention and use of the named addressee(s) and may
    be confidential or proprietary in nature or covered by the
    provisions of privacy act (Legislative Decree June, 30 2003,
    no.196 - Italy's New Data Protection Code).Any use not in accord
    with its purpose, any disclosure, reproduction, copying,
    distribution, or either dissemination, either whole or partial, is
    strictly forbidden except previous formal approval of the named
    addressee(s). If you are not the intended recipient, please
    contact immediately the sender by telephone, fax or e-mail and
    delete the information in this message that has been received in
    error. The sender does not give any warranty or accept liability
    as the content, accuracy or completeness of sent messages and
    accepts no responsibility for changes made after they were sent
    or for other risks which arise as a result of e-mail transmission,
    viruses, etc.

    -------------------------------------------------------

    ------------------------------------------------------------------------------
    New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
    GigeNET is offering a free month of service with a new server in
    Ashburn.
    Choose from 2 high performing configs, both with 100TB of bandwidth.
    Higher redundancy.Lower latency.Increased capacity.Completely
    compliant.
    http://p.sf.net/sfu/gigenet
    _______________________________________________
    Geoserver-devel mailing list
    Geoserver-devel@lists.sourceforge.net
    <mailto:Geoserver-devel@lists.sourceforge.net>
    https://lists.sourceforge.net/lists/listinfo/geoserver-devel

--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

I added it.

On 23-01-15 15:50, Andrea Aime wrote:

On Fri, Jan 23, 2015 at 3:47 PM, Niels Charlier <niels@anonymised.com <mailto:niels@anonymised.com>> wrote:

    On 23-01-15 14:19, Andrea Aime wrote:

        Hi Niels,
        still does not say anything about UI security changes?

    Sorry, it sounds as if you are referring to something that was
    mentioned before but I cannot find this.
    If you mean the geoserver admin UI, indeed it would have to be
    updated accordingly.
    org.geoserver.security.web.data.NewDataAccessRulePage will need to
    additional drop down boxes.

Yes, that's what I mean, it should be mentioned in the proposal too (even just a sentence, or a mockup if you
feel like to).

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

-------------------------------------------------------

Hmm it appears now that this is actually a requirement. Would you object if I lay out a proposal of how we could implement it with minimal change to the current hierarchical implementation? Regards Niels

···

On 23-01-15 14:21, Andrea Aime wrote:

On Fri, Jan 23, 2015 at 2:11 PM, Niels Charlier <niels@anonymised.com> wrote:

The proposal has now been changed. Please re-read it and place your
comments!

And oh, also, I’d say it’s important to clarify that a potentially common request,
to apply service specific rules on a per workspace basis, is going to be impossible,
because they would break the hierarchical approach:

topp..wms..r=*
topp..wfs..r=ROLE1

On Fri, Jan 23, 2015 at 6:54 PM, Niels Charlier <niels@anonymised.com> wrote:

On 23-01-15 14:21, Andrea Aime wrote:

On Fri, Jan 23, 2015 at 2:11 PM, Niels Charlier <niels@anonymised.com> wrote:

The proposal has now been changed. Please re-read it and place your
comments!

And oh, also, I'd say it's important to clarify that a potentially
common request,
to apply service specific rules on a per workspace basis, is going to be
impossible,
because they would break the hierarchical approach:

topp.*.wms.*.r=*
topp.*.wfs.*.r=ROLE1

Hmm it appears now that this is actually a requirement. Would you object
if I lay out a proposal of how we could implement it with minimal change to
the current hierarchical implementation?

I don't think it can be done without breaking the hierarchical approach and
making the
resulting rule implementation quite confusing (like in the first version of
the proposal
where rule mixes were taken into consideration).

If we are going towards a complexity similar to GeoFence I'd say the time
would be
better spent by embedding geofence and giving it a maybe limited GUI to
edit its rules,
and/or eventually storing the rules in xml if the requirement to have a db
(even just h2)
is too much.

Just saying... let's hear what you propose in terms of "minimal change to
the
current hierarchical approach" :slight_smile:

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

Well I just had the idea that there could be a shortcut for specifying different rules for each layer in that workspace. To avoid confusion, we could have a separate symbol for this wildcard. For example: would be shortcut for specifying topp.layer1.wms..r= topp.layer2.wms..r= topp.layer3.wms..r= … The wildcard would thus be applied at the time of the hierarchical tree creation. This also implies that once you have specified a rule, you cannot add a topp.layer1.wms..r= rule as well. It should also be noted that the addition of a layer would require the recreation of the tree. If this cannot happen automatically, we could specify in the documentation that a restart is necessary to update the security rule. Regards Niels

···

On 23-01-15 19:01, Andrea Aime wrote:

On Fri, Jan 23, 2015 at 6:54 PM, Niels Charlier <niels@anonymised.com> wrote:

On 23-01-15 14:21, Andrea Aime wrote:

On Fri, Jan 23, 2015 at 2:11 PM, Niels Charlier <niels@anonymised.com> wrote:

The proposal has now been changed. Please re-read it and place your
comments!

And oh, also, I’d say it’s important to clarify that a potentially common request,
to apply service specific rules on a per workspace basis, is going to be impossible,
because they would break the hierarchical approach:

topp..wms..r=*
topp..wfs..r=ROLE1

Hmm it appears now that this is actually a requirement. Would you object if I lay out a proposal of how we could implement it with minimal change to the current hierarchical implementation?

I don’t think it can be done without breaking the hierarchical approach and making the
resulting rule implementation quite confusing (like in the first version of the proposal
where rule mixes were taken into consideration).

If we are going towards a complexity similar to GeoFence I’d say the time would be
better spent by embedding geofence and giving it a maybe limited GUI to edit its rules,
and/or eventually storing the rules in xml if the requirement to have a db (even just h2)
is too much.

Just saying… let’s hear what you propose in terms of “minimal change to the
current hierarchical approach” :slight_smile:

topp.%.wms.*.r=

topp.%.wms.*.r=

On Fri, Jan 23, 2015 at 7:07 PM, Niels Charlier <niels@anonymised.com> wrote:

Well I just had the idea that there could be a shortcut for specifying
different rules for each layer in that workspace.
To avoid confusion, we could have a separate symbol for this wildcard. For
example:

topp.%.wms.*.r=

would be shortcut for specifying

topp.layer1.wms.*.r=
topp.layer2.wms.*.r=
topp.layer3.wms.*.r=
...

The syntax you use is pretty much irrelevant, using * would be the same.
The thing is, you have to rewrite the authorization engine (the
SecureTreeNode class and their users), as a root to leaf walk will not be
possible anymore,
you'll basically have to scan all the rules linearly, collect the matchers,
and then figure out which one is the most specific one.
This will also make reasoning about the rules in the users mind more
difficult.

Either that, or you'll end up having to expand all possibilities and
maintain that expansion over time as layers
get added removed, with catalogs that have hundreds of thousands of items
it will simply become un-manageable,
meaning the security subsystem becomes suddenly unusable in those cases
(that we're pushing towards with
jdbcconfig, so it's not a made up use case...)

Cheers
Andrea

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------