[Geoprisma-dev] Interesting read on web mapping service security
Yves Moisan
yves.moisan at boreal-is.com
Tue Dec 21 13:55:24 EST 2010
Le 2010-12-20 20:23, Daniel Morissette a écrit :
> An interesting read on web mapping service security, by the GeoServer
> devs:
>
> http://geo-solutions.blogspot.com/2010/12/developers-corner-improving-geoserver.html
>
Hi Daniel,
Following their typology, GP is clearly in the "external proxy category"
and plagued with a bunch of problems, which it surely is because
services aren't secured other than through the UI (and maybe some Apache
rules e.g. to restrict calls from certain IPs only). When the
discussion goes to analyze the pros and cons of the other security
options starting with the "internal proxy model", generic statements
give way to specific implementations, namely Spring.
I like the way GeoServer leverages the work of the greater Java
community. What are options for us in the non Java (or rather "not Java
only") world? A partial answer may be
http://mapfish.org/doc/tutorials/secure_tilecache.html, which is about
how one can use some of the Python tools in this case Pylons
(http://pylonshq.com/) -- which MapFish is basically an extension of --
and repoze.what (http://repoze.org/, specifically the WSGI middleware
section which contains repoze.what :
http://repoze.org/repoze_components.html#middleware). Could GeoPrisma
bundle tools like those to secure services ? Thoughts for 2011 !
Cheers,
Yves
More information about the Geoprisma-dev
mailing list