[mapguide-internals] Please review RFC 103

Christine Bao Christine.Bao at autodesk.com
Wed Jul 14 23:03:26 EDT 2010


Hi Trevor,

   There is no requirement to support multiple WMS/WFS configurations so far. Your idea is good, but I'm afraid it's beyond current estimation :)

Thanks & regards,
Christine

-----Original Message-----
From: mapguide-internals-bounces at lists.osgeo.org [mailto:mapguide-internals-bounces at lists.osgeo.org] On Behalf Of Trevor Wekel
Sent: Thursday, July 15, 2010 3:10 AM
To: MapGuide Internals Mail List
Subject: RE: [mapguide-internals] Please review RFC 103

Hi Christine,

Can we move the WFS and WMS configuration documents to the Site repository and use MgResourceService SetResource and GetResourceContent instead?

As far as I know, most of our "writeable" documents are contained in the repositories.  I am not that familiar with the WMS/WFS specs, would it be appropriate to support more than one set of WMS/WFS configuration documents?  That way we could support multiple WMS/WFS configurations on the same site.  The WMS/WFS configuration documents could reside in a directory tree in the Site repository with each folder representing a different WMS/WFS configuration.  Assuming that directory permissions can be set accordingly, this may also allow for finer grained access control over WMS/WFS exposed resources. 

For example,

Site://WMS/PublicSite/1.0.0.xml
Site://WMS/PublicSite/1.1.0.xml
Site://WMS/PublicSite/1.1.1.xml
Site://WMS/PublicSite/1.3.0.xml
Site://WMS/PublicSite/OgcWmsService.config.xml

Site://WFS/PrivateSite/1.0.0.xml
Site://WFS/PrivateSite/1.1.0.xml
Site://WFS/PrivateSite/1.1.1.xml
Site://WFS/PrivateSite/1.3.0.xml
Site://WFS/PrivateSite/OgcWfsService.config.xml

Site://WMS/PublicSite could be open to Anonymous and Site://WFS/PrivateSite could be made available to specific users/groups.


This would require some research but we may be able to extend the mapagent.fcgi URL syntax to support multiple configurations, something like:

http://www.mapguide.com/mapguide/mapagent/mapagent.fcgi/WMS/PublicSite?service=wms&version=1.1.1&request=GetCapabilities
http://www.mapguide.com/mapguide/mapagent/mapagent.fcgi/WFS/PrivateSite?service=wfs&version=1.3.0&request=GetCapabilities

Regards,
Trevor

-----Original Message-----
From: mapguide-internals-bounces at lists.osgeo.org [mailto:mapguide-internals-bounces at lists.osgeo.org] On Behalf Of Christine Bao
Sent: July 14, 2010 1:50 AM
To: mapguide-internals at lists.osgeo.org
Subject: Re: [mapguide-internals] Please review RFC 103

Hi Jason,


1.       Are you sure that SetDocument() requires Administrator privileges? If so it's save to publish it.


2.       I copied from another reply:

     There is one similar operation in Studio named GetSiteProperties().

     It gets information about how long the server has been running, the number of connections, the server's version etc. The information is not from repository.

     Similar as GetDocument(), it needs the user information of current connect to open the service:

                        // Create ServerAdmin object

                        Ptr<MgServerAdmin> serverAdmin = new MgServerAdmin();

                        serverAdmin->Open(siteInfo->GetTarget(), m_userInfo);

     This call is frequently used in Studio, and I think it works for most user account. So GetDocument should not limit to high privilege user account also.

Thanks & regards,
Christine


From: Jason Birch <jason at jasonbirch.com>

Subject: Re: [mapguide-internals] Please review RFC 103

To: MapGuide Internals Mail List <mapguide-internals at lists.osgeo.org>

Message-ID:

      <AANLkTin1ktmcdXUam0x_1yVk6NtyN2J9vewuWsO5PMLy at mail.gmail.com>

Content-Type: text/plain; charset=ISO-8859-1



I would suggest that this kind of request should require author access AND

should not be available through the API at all when authoring is disabled in

webconfig.ini.  setDocument should require Administrator privileges.



I am not a big fan of allowing public access to configuration documents,

regardless of the seemingly innocuous nature of the information they

contain.



I guess the Fusion widget info calls access files outside of the repository.

 Are there any others?



Jason



On 13 July 2010 16:24, Tom Fukushima wrote:



> Along with SetDocument, what kind of user would be allowed access to this

> file? For example, since the RFC mentions the Studio user perhaps these

> operations only be available to someone with Author (or above) privileges.

>  Do we need a way to set security on this document so that we can restrict

> who can access it? I would hope not since that seems like overkill.

>

> Are there any other operations in MGOS that are similar to this (i.e.,

> access documents or information outside of the repository) in behavior?

>

>

_______________________________________________
mapguide-internals mailing list
mapguide-internals at lists.osgeo.org
http://lists.osgeo.org/mailman/listinfo/mapguide-internals



More information about the mapguide-internals mailing list