adding support for user authentication within Mapserver for GetCapablities and GetMap

Sean Gillies sgillies at FRII.COM
Fri Aug 31 15:48:58 PDT 2007


Gerry Creager wrote:
> Gregor Mosheh wrote:
>> Sean Gillies wrote:
>>>> Gerry Creager wrote:
>>>>> Rights management is now well into the investigatory and 
>>>>> specification stages in OGC.
>>>> He, that's excellent to hear. Thanks for the tip.
>>> No, it's not excellent. DRM is defective by design.
>> Hrm, perhaps I misunderstood. I read "access control" as in password 
>> protection to get into my WMS/WFS server.
>>
>> Gerry, did you mean access control at the application layer, so I can 
>> have Mapserver manage user accounts and access to my WMS layers, or 
>> something deeper such as DRM on the imagery, copy-protection on 
>> GeoTIFFs, and the like?
>>
>> (yeah, it's off the topic of Mapserver; so's a lot of educational and 
>> interesting stuff we talk about :)
> 
> The working group title is GeoDRM.  I am not real happy with that but 
> the bigger organizations are thinking of the resources they've put into 
> their datasets and/or products. Some governments fail to see the 
> benefits to their citizens of making geospatial data widely available, 
> and thus are supporting this sort of thing.  It's gonna be an 
> interesting period, but I'm trying to get them to see the benefits of 
> authentication/authorization/capabilities control.  They keep thinking 
> the RIAA/MPAA model is good and working.  We have interesting debates. 
> I can't tell if I'm making headway or not.
> 
> The National Middelware Initiative (NSF funded, Internet2/SURA 
> implemented) covers a lot of this via federation and credential exchange 
> in their Shibboleth software initiative.
> 
> gerry

Gerry, I'm all for security too, but I think it's already addressed for 
web services by HTTP Basic + SSL/TLS. In my opinion, adding a spatial 
and time dimensions to auth (user 'joe' can only use a service between 
9am-5pm originating from Larimer County, Colorado) is pure geo-wankery.

The "GeoDRM" name -- it's clearly pandering to the non-technical guys in 
suits who (like you say) still think the RIAA is the good guy.

Cheers,
Sean



More information about the MapServer-users mailing list