[Geoprisma-dev] Interesting read on web mapping service security

Yves Moisan yves.moisan at boreal-is.com
Tue Dec 21 13:55:24 EST 2010


Le 2010-12-20 20:23, Daniel Morissette a écrit :
> An interesting read on web mapping service security, by the GeoServer 
> devs:
>
> http://geo-solutions.blogspot.com/2010/12/developers-corner-improving-geoserver.html 
>
Hi Daniel,

Following their typology, GP is clearly in the "external proxy category" 
and plagued with a bunch of problems, which it surely is because 
services aren't secured other than through the UI (and maybe some Apache 
rules e.g. to restrict calls from certain IPs only).  When the 
discussion goes to analyze the pros and cons of the other security 
options starting with the "internal proxy model", generic statements 
give way to specific implementations, namely Spring.

I like the way GeoServer leverages the work of the greater Java 
community.  What are options for us in the non Java (or rather "not Java 
only") world?  A partial answer may be 
http://mapfish.org/doc/tutorials/secure_tilecache.html, which is about 
how one can use some of the Python tools in this case Pylons 
(http://pylonshq.com/) -- which MapFish is basically an extension of --  
and repoze.what (http://repoze.org/, specifically the WSGI middleware 
section which contains repoze.what : 
http://repoze.org/repoze_components.html#middleware).  Could GeoPrisma 
bundle tools like those to secure services ?  Thoughts for 2011 !

Cheers,

Yves



More information about the Geoprisma-dev mailing list