Ideally we will be able to control administrator-ship on a per-dataset
level (maybe a per-organization level would be sufficient for the
permissions model I've heard discussed). However, I think for now
having one hard-coded administrator account (or one account configured
in GeoServer) would be sufficient.
One way this could work would be to have GeoServer fall back to the
.properties model if an account fails to authenticate with Django. Then
we add one account in GeoServer with admin privileges and blacklist that
account's name in Django so no one breaks the system by registering an
account with the magic name.
Another would be to extend the current proposal to be able to represent
admin-ness. For now, we could just check whether a user is an admin in
the Django app, and give all administrative privileges on the GeoServer
side as well. Later, we can refine this based on ownership in the app.
This might be tricky since GeoServer doesn't have fine-grained admin
privileges (although it can fake it with path-based restrictions on the
REST API). We also need to be able to have a user who can always add
layers so that non-admin users can upload data.
Open to suggestions here as well.
--
David Winslow
OpenGeo - http://opengeo.org/
On 07/08/2010 01:05 PM, Sebastian Benthall wrote:
Replying to the geonode public list. Comments in-line
On Thu, Jul 8, 2010 at 7:19 AM, Andrea Aime <aa...@opengeo.org
<mailto:aa...@opengeo.org>> wrote:
Hi,
wondering about the security integration and the GeoServer GUI,
in particular logging in as an administrator.
Is the GeoServer GUI supposed to be unreachable for administration
tasks in the GeoNode embedding?
For this release the use of the embedded GeoServer's admin UI is
unspecified for GeoNode 1.0
So, access is not restricted. It is also not supported (all admin
functions should be done through the web application interface). So,
"use at your own risk."
I'm also wondering about RestConfig usage and the administration
role. The protocol designed at
http://atlas.openplans.org/~dwinslow/geonode-spec/spec/technical/geonode-core/geoserver/permissions.html
<http://atlas.openplans.org/%7Edwinslow/geonode-spec/spec/technical/geonode-core/geoserver/permissions.html>
only tells which layers a user can access, but does not tell me
if the user is supposed to be an administrator or not.
This is trouble as normally RestConfig operations are allowed only
to the administrator, so we also need to get one user marked as an
admin, otherwise remote configuration won't be possible.
That may also allow for GUI login, assuming that is desirable
My understanding is that the embedded GeoServer instance is assumed to
have an administrative user, the web application is configured with
the credentials for that administrative user, and the web application
uses those credentials when performing RestConfig operations.
--
Sebastian Benthall
OpenGeo - http://opengeo.org
