Mark Diggory wrote: > Likewise I've not been very concerned about its exposure (albeit the > submitters email address embedded there) Ideally this user info in > the provenence metadata should contain obviscated email addresses > like the kind that are allowed as sha signatures in FOAF persons. > Attaching that signature as metadata to the eperson and allowing > lookup via sha signatures would allow the admins to get back to the > user that submitted or approved the item from the metadata. and thus > there would be no need to hide the actual metadata fields from the > public.
Whatever the ideal may be, the reality is that there are e-mail addresses in the provenance data. I consider it the basic responsibility of any web application not to publish people's e-mail addresses without their consent. The second problem, peculiar to us because of the embargo requirement, is the inclusion of the bitstream file names, which make it easy to access embargoed files. On both counts, the exposure of provenance metadata is a serious problem and can't wait for 1.5.1. > The "metadata/" space is currently being used as a "catch-all" for > exposing various types of metadata to the user (at least in my > usage), it shouldn't be difficult to block it behind either > authentication or drop it entirely using the sitemap.xmap > configuration of Cocoon in the dspace/modules/xmlui/src/main/webapp/ > sitemap.xmap. You'll need to obtain a copy from the dspace-xmlui- > webapp/src/main/webap/sitemap.xmap. As I said in my post, that was what I did. My first attempt was to change "metadata" to some other string of letters (let's say "detamata"). If I do that, Manakin hangs. I then refined the attempt to redirect "metadata/**" to something else. Same result. -- Gary McGath Digital Library Software Engineer Harvard University Library Office for Information Systems http://hul.harvard.edu/~gary/index.html ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
