Access Control in MapServer

Sean Gillies sgillies at FRII.COM
Tue Jan 23 10:21:28 EST 2007


Daniel Morissette wrote:
> Sean Gillies wrote:
>> Daniel, one word:
>>
>> Middleware, baby.
>>
>> Okay, two words. Your customer's access control requirements are probably going to be continually evolving, so keeping access control out of MapServer means easier development and maintenance. And it keeps a lot of complicated logic (needed by very few) out of the MapServer application itself.
> 
> Steve Lime wrote:
>> I guess you can't do that level of access control outside of MapServer,
>> can you? I'm ok with this even if it's not terribly high priority personally.
>> ACCESS...END
>>
> 
> Some level of access control can be done outside of MapServer, but not 
> everything. For instance WMS layer level restrictions are easy to 
> implement in a wrapper that simply checks the LAYERS=... parameter of a 
> WMS request and denies the request if an unauthorized layer is requested.
> 
> However, things like attribute or bbox filtering can hardly be done 
> outside of MapServer, e.g. users from group X can only access features 
> from layer L that match expression "AUTH_GROUP = X", or users from group 
> Y can only access features inside a given BBOX or that intersect with a 
> given polygon.
> 
> Of course one could create separate layers for each class of users and 
> then simply do layer-level access control in a wrapper. That's the kind 
> of workaround they use now, but when the number of 
> users/groups/restrictions combinations increases, the number of layers 
> becomes harder to manage and they are looking for something more 
> integrated and more powerful.
> 
> Daniel

Daniel, I finally took a close look at DACS, and it doesn't seem so bad. 
It is middleware and has an Apache module. If you really have to 
implement super fine-grained permissions into feature access and 
rendering, it might be a decent choice, but are you not worried about 
the performance hit of checking permission for every feature drawn on a 
map? Thousands of calls to the access control API for every map drawn? 
Decent performance is going to mandate pre-processed shapefiles or 
PostGIS views, so attribute-level run-time access control seems less 
useful the more I think about it.

Am I having an olfactory hallucination, or do I smell GeoDRM around here? ;)

Cheers,
Sean

-- 
Sean Gillies
http://zcologia.com/news
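
The layer-level wrapper described in the quoted message above (check the LAYERS parameter of a WMS request and deny unauthorized layers), sketched as WSGI middleware. This is an added example, not code from the thread or from MapServer; the group policy, the layer names and the `example.auth_group` environ key are assumptions, and it also checks QUERY_LAYERS, which the thread does not mention.

```python
from urllib.parse import parse_qsl

# Constructed policy: group name -> WMS layers it may request (hypothetical names).
ALLOWED_LAYERS = {
    "group_x": {"roads", "parcels"},
    "group_y": {"roads"},
}
# Parameters that name layers; WMS parameter names are case-insensitive.
LAYER_PARAMS = {"LAYERS", "QUERY_LAYERS"}


def requested_layers(query_string):
    """Return every layer named in the query, across repeated or mixed-case keys."""
    layers = set()
    for key, value in parse_qsl(query_string, keep_blank_values=True):
        if key.upper() in LAYER_PARAMS:
            layers.update(name for name in value.split(",") if name)
    return layers


def is_authorized(group, query_string):
    """Allow only a known group whose allowlist covers every requested layer."""
    if group not in ALLOWED_LAYERS:
        return False  # fail closed for unknown or missing groups
    return requested_layers(query_string) <= ALLOWED_LAYERS[group]


class LayerAccessMiddleware:
    """WSGI wrapper placed in front of an application that serves WMS."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        # Assumption: an upstream authentication layer maps the user to a group
        # and stores it under this hypothetical environ key.
        group = environ.get("example.auth_group")
        if not is_authorized(group, environ.get("QUERY_STRING", "")):
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"layer not permitted\n"]
        return self.app(environ, start_response)
```

A request that names no layers (for example GetCapabilities) passes for a known group. The attribute and BBOX restrictions discussed in the thread are out of reach for this kind of wrapper.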


