adding support for user authentication within Mapserver for
GetCapablities and GetMap
Sean Gillies
sgillies at FRII.COM
Fri Aug 31 18:48:58 EDT 2007
Gerry Creager wrote:
> Gregor Mosheh wrote:
>> Sean Gillies wrote:
>>>> Gerry Creager wrote:
>>>>> Rights management is now well into the investigatory and
>>>>> specification stages in OGC.
>>>> He, that's excellent to hear. Thanks for the tip.
>>> No, it's not excellent. DRM is defective by design.
>> Hrm, perhaps I misunderstood. I read "access control" as in password
>> protection to get into my WMS/WFS server.
>>
>> Gerry, did you mean access control at the application layer, so I can
>> have Mapserver manage user accounts and access to my WMS layers, or
>> something deeper such as DRM on the imagery, copy-protection on
>> GeoTIFFs, and the like?
>>
>> (yeah, it's off the topic of Mapserver; so's a lot of educational and
>> interesting stuff we talk about :)
>
> The working group title is GeoDRM. I am not real happy with that but
> the bigger organizations are thinking of the resources they've put into
> their datasets and/or products. Some governments fail to see the
> benefits to their citizens of making geospatial data widely available,
> and thus are supporting this sort of thing. It's gonna be an
> interesting period, but I'm trying to get them to see the benefits of
> authentication/authorization/capabilities control. They keep thinking
> the RIAA/MPAA model is good and working. We have interesting debates.
> I can't tell if I'm making headway or not.
>
> The National Middelware Initiative (NSF funded, Internet2/SURA
> implemented) covers a lot of this via federation and credential exchange
> in their Shibboleth software initiative.
>
> gerry
Gerry, I'm all for security too, but I think it's already addressed for
web services by HTTP Basic + SSL/TLS. In my opinion, adding a spatial
and time dimensions to auth (user 'joe' can only use a service between
9am-5pm originating from Larimer County, Colorado) is pure geo-wankery.
The "GeoDRM" name -- it's clearly pandering to the non-technical guys in
suits who (like you say) still think the RIAA is the good guy.
Cheers,
Sean
More information about the mapserver-users
mailing list