[MapProxy] Request for comments: MapProxy Authorization Interface

[Oliver Tonnhofer]

Hi list,

we already implemented secured MapProxy installations. You won't find any traces of these in the MapProxy source code, because there was never a need to change a single line of MapProxy for that, thanks to the the power of WSGI (the thingy you configure in the .ini and start with `paster serve`) . 

You can implement simple authentication and authorization in an hour, if you are a bit familiar with WSGI and Python. See http://what.repoze.org/docs/1.0/Manual/GettingStarted.html for example.

Right know we are working on a project where we need more control for what a user is allowed to do: User A is allowed to query Layer 1 and 2, User B is allowed to query Layer 1, but only GetMap requests and no FeatureInfo, etc. At the moment, this is not possible with MapProxy and we have to change that. But we don't want to hack that feature into MapProxy for just this specific project. We want you to be able to hook your own user database into MapProxy. We want to open MapProxy for custom authorization.

We designed a simple but flexible interface to get control over MapProxy. There is a new chapter in the documentation that describes this interface in detail:
http://mapproxy.org/docs/nightly/auth.html
It is not finished and we might still change some parts of it.

Why am I writing this mail? Because we want to get feedback from you! Now is the right time to add your wishes, ask questions to the design, write us your use cases for a secured MapProxy, ask if something would be possible, etc..

So, if you are even slightly interested in secured map/tile services, then please read the new chapter and give your feedback.

Regards,
Oliver

-- 
Oliver Tonnhofer    | Omniscale GmbH & Co KG    | http://omniscale.de
http://mapproxy.org | https://bitbucket.org/olt