[mapguide-internals] Please review RFC 103
Christine Bao
Christine.Bao at autodesk.com
Wed Jul 14 23:03:26 EDT 2010
Hi Trevor,
There is no requirement to support multiple WMS/WFS configurations so far. Your idea is good, but I'm afraid it's beyond current estimation :)
Thanks & regards,
Christine
-----Original Message-----
From: mapguide-internals-bounces at lists.osgeo.org [mailto:mapguide-internals-bounces at lists.osgeo.org] On Behalf Of Trevor Wekel
Sent: Thursday, July 15, 2010 3:10 AM
To: MapGuide Internals Mail List
Subject: RE: [mapguide-internals] Please review RFC 103
Hi Christine,
Can we move the WFS and WMS configuration documents to the Site repository and use MgResourceService SetResource and GetResourceContent instead?
As far as I know, most of our "writeable" documents are contained in the repositories. I am not that familiar with the WMS/WFS specs, would it be appropriate to support more than one set of WMS/WFS configuration documents? That way we could support multiple WMS/WFS configurations on the same site. The WMS/WFS configuration documents could reside in a directory tree in the Site repository with each folder representing a different WMS/WFS configuration. Assuming that directory permissions can be set accordingly, this may also allow for finer grained access control over WMS/WFS exposed resources.
For example,
Site://WMS/PublicSite/1.0.0.xml
Site://WMS/PublicSite/1.1.0.xml
Site://WMS/PublicSite/1.1.1.xml
Site://WMS/PublicSite/1.3.0.xml
Site://WMS/PublicSite/OgcWmsService.config.xml
Site://WFS/PrivateSite/1.0.0.xml
Site://WFS/PrivateSite/1.1.0.xml
Site://WFS/PrivateSite/1.1.1.xml
Site://WFS/PrivateSite/1.3.0.xml
Site://WFS/PrivateSite/OgcWfsService.config.xml
Site://WMS/PublicSite could be open to Anonymous and Site://WFS/PrivateSite could be made available to specific users/groups.
This would require some research but we may be able to extend the mapagent.fcgi URL syntax to support multiple configurations, something like:
http://www.mapguide.com/mapguide/mapagent/mapagent.fcgi/WMS/PublicSite?service=wms&version=1.1.1&request=GetCapabilities
http://www.mapguide.com/mapguide/mapagent/mapagent.fcgi/WFS/PrivateSite?service=wfs&version=1.3.0&request=GetCapabilities
Regards,
Trevor
-----Original Message-----
From: mapguide-internals-bounces at lists.osgeo.org [mailto:mapguide-internals-bounces at lists.osgeo.org] On Behalf Of Christine Bao
Sent: July 14, 2010 1:50 AM
To: mapguide-internals at lists.osgeo.org
Subject: Re: [mapguide-internals] Please review RFC 103
Hi Jason,
1. Are you sure that SetDocument() requires Administrator privileges? If so it's save to publish it.
2. I copied from another reply:
There is one similar operation in Studio named GetSiteProperties().
It gets information about how long the server has been running, the number of connections, the server's version etc. The information is not from repository.
Similar as GetDocument(), it needs the user information of current connect to open the service:
// Create ServerAdmin object
Ptr<MgServerAdmin> serverAdmin = new MgServerAdmin();
serverAdmin->Open(siteInfo->GetTarget(), m_userInfo);
This call is frequently used in Studio, and I think it works for most user account. So GetDocument should not limit to high privilege user account also.
Thanks & regards,
Christine
From: Jason Birch <jason at jasonbirch.com>
Subject: Re: [mapguide-internals] Please review RFC 103
To: MapGuide Internals Mail List <mapguide-internals at lists.osgeo.org>
Message-ID:
<AANLkTin1ktmcdXUam0x_1yVk6NtyN2J9vewuWsO5PMLy at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
I would suggest that this kind of request should require author access AND
should not be available through the API at all when authoring is disabled in
webconfig.ini. setDocument should require Administrator privileges.
I am not a big fan of allowing public access to configuration documents,
regardless of the seemingly innocuous nature of the information they
contain.
I guess the Fusion widget info calls access files outside of the repository.
Are there any others?
Jason
On 13 July 2010 16:24, Tom Fukushima wrote:
> Along with SetDocument, what kind of user would be allowed access to this
> file? For example, since the RFC mentions the Studio user perhaps these
> operations only be available to someone with Author (or above) privileges.
> Do we need a way to set security on this document so that we can restrict
> who can access it? I would hope not since that seems like overkill.
>
> Are there any other operations in MGOS that are similar to this (i.e.,
> access documents or information outside of the repository) in behavior?
>
>
_______________________________________________
mapguide-internals mailing list
mapguide-internals at lists.osgeo.org
http://lists.osgeo.org/mailman/listinfo/mapguide-internals
More information about the mapguide-internals
mailing list