Re: [Geoserver-devel] GSIP 120, REST API for access control

2015-04-14 Thread Christian Mueller
No, the proposal is still active. Niels asked about user to role assignment, the proposal is about resource to role assignment. Role to user assignment would require a new GSIP. Cheers Christian On Mon, Apr 13, 2015 at 7:19 PM, Jody Garnett wrote: > Should we archive that proposal then? > http

Re: [Geoserver-devel] GSIP 120, REST API for access control

2015-04-13 Thread Jody Garnett
Should we archive that proposal then? https://github.com/geoserver/geoserver/wiki/GSIP-120 -- Jody Garnett On 13 April 2015 at 03:05, Christian Mueller < christian.muel...@os-solutions.at> wrote: > Hi Niels > > Not in the near future. > > Cheers > > On Sun, Apr 12, 2015 at 10:08 PM, Niels Charli

Re: [Geoserver-devel] GSIP 120, REST API for access control

2015-04-13 Thread Christian Mueller
Hi Niels Not in the near future. Cheers On Sun, Apr 12, 2015 at 10:08 PM, Niels Charlier wrote: > > Is a user/role rest API also planned? > > Regards > Niels > > > On 17-10-14 17:04, Christian Mueller wrote: > > > https://github.com/geoserver/geoserver/wiki/GSIP-120-REST-API-for-access-control

Re: [Geoserver-devel] GSIP 120, REST API for access control

2015-04-12 Thread Niels Charlier
Is a user/role rest API also planned? Regards Niels On 17-10-14 17:04, Christian Mueller wrote: https://github.com/geoserver/geoserver/wiki/GSIP-120-REST-API-for-access-control Please comment and vote. Cheers -- DI Christian Mueller MSc (GIS), MSc (IT-Security) OSS Open Source Solutions Gmb

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-11-03 Thread Christian Mueller
rity/acl/All%20User%20Read/*.*.r >>>> >>>> >>>> >>>> Using a generated identifier is good when something isn’t already >>>> identified, but it would be nice to have the ability to set my own >>>> identifier that has user meaning

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Christian Mueller
Intelligent Software Solutions, Inc.* > > *From:* Justin Deoliveira [mailto:jdeol...@boundlessgeo.com] > *Sent:* Monday, October 20, 2014 6:35 AM > *To:* Andrea Aime > *Cc:* geoserver-

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Christian Mueller
Using a generated identifier is good when something isn’t already >>> identified, but it would be nice to have the ability to set my own >>> identifier that has user meaning. >>> >>> >>> >>> Chris Snider >>> >>> Senior Software Engi

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Alessio Fabiani
>> Senior Software Engineer >> >> *Intelligent Software Solutions, Inc.* >> >> *From:* Justin Deoliveira [mailto:jdeol...@boundlessgeo.com] >> *S

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Chris Snider
120, REST API for access control If the identifier is going to show up and be used in urls I like the idea of using the md5sum or some other generated identifier. They are long but easier to use than strings that require url encoding. But it feels like a bad idea to generate ID's for rul

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Justin Deoliveira
If the identifier is going to show up and be used in urls I like the idea of using the md5sum or some other generated identifier. They are long but easier to use than strings that require url encoding. But it feels like a bad idea to generate ID's for rules at the level of the rest api. Seems what

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Andrea Aime
On Mon, Oct 20, 2014 at 12:10 PM, Christian Mueller < christian.muel...@os-solutions.at> wrote: > Hi Phil > > The rest.properties file has a key > > /** > > Not sure if > > /security/acl/layers//** > > will work. > It may if you url-escape it: %/security/acl/layers/2F** Cheers Andrea -- == G

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-20 Thread Christian Mueller
Hi Phil The rest.properties file has a key /** Not sure if /security/acl/layers//** will work. On Sun, Oct 19, 2014 at 10:17 PM, Phil Scadden wrote: > > > /security/acl/layers/7AC93B1A17731D9EA925EB13C0CF3BCC > > > > This is the md5 sum for *.*.r > That is pretty ugly. Why not just an esc

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-19 Thread Phil Scadden
> /security/acl/layers/7AC93B1A17731D9EA925EB13C0CF3BCC > > This is the md5 sum for *.*.r That is pretty ugly. Why not just an escaped version of the key?

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Christian Mueller
Hmm A simple numbering system is dangerous. Between the GET and the DELETE rules may have been added. Deleting the wrong rule may be a consequence. Using an MD5 checksum would be a solution, like /security/acl/layers/7AC93B1A17731D9EA925EB13C0CF3BCC This is the md5 sum for *.*.r I hope to get

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Andrea Aime
On Sat, Oct 18, 2014 at 2:44 PM, Christian Mueller < christian.muel...@os-solutions.at> wrote: > Hi Andrea > > Thanks for the hint about the DELETE method. I think it is not forbidden to > add a request body to a delete request, but it seems to be a bad practice. > > > http://www.spenceruresk.com/20

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Christian Mueller
Hi Andrea Thanks for the hint about the DELETE method. I think it is not forbidden to add a request body to a delete request, but it seems to be a bad practice. http://www.spenceruresk.com/2011/11/http-delete-requests-that-include-a-body/ Maybe we can encode the rule keys as a comma separated list

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Andrea Aime
On Sat, Oct 18, 2014 at 1:32 PM, Christian Mueller < christian.muel...@os-solutions.at> wrote: > Hi > > About granularity, the PUT, DELETE and POST methods work with a set of > rules. This does not mean all rules, the set may contain only one rule. > Could you make an example? Normally in REST when

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Christian Mueller
Hi About granularity, the PUT, DELETE and POST methods work with a set of rules. This does not mean all rules, the set may contain only one rule. About the XML property file format, I will change this. There is a class MapResource in the rest-config module, I think I will reuse this code. But I f

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Simone Giannecchini
Ciao Christian, I was about to ask a question similar to Andrea's one. This approach is fine and I don't want to waste your time on this as you have funding available, but the concerns expressed by Mauro ( http://osgeo-org.1560.x6.nabble.com/REST-API-for-access-control-td5166448.html) are not (en

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Andrea Aime
Hi Christian, in the proposal I don't see the fine grained access to rules that was discussed with Mauro? How do you delete just a single rule? Cheers Andrea On Fri, Oct 17, 2014 at 5:04 PM, Christian Mueller < christian.muel...@os-solutions.at> wrote: > > https://github.com/geoserver/geoserve

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-18 Thread Christian Mueller
Hi Justin I modified the GSIP. 1) The API path is /security/acl 2) I added the sentence "The request body contains the modified rules" to the description of the PUT method. Cheers Christian On Fri, Oct 17, 2014 at 11:24 PM, Justin Deoliveira < jdeol...@boundlessgeo.com> wrote: > Thanks Chr

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-17 Thread Justin Deoliveira
Thanks Christian. A couple of points. In the interest of keeping urls relatively short, can we shorten the api path to "/security/acl" or "/security/access"? Others may not like that... up for debate. Second is regarding update via PUT. Will the user be able to update individual rules? Or will the

Re: [Geoserver-devel] GSIP 120, REST API for access control

2014-10-17 Thread Jody Garnett
+1 and thanks for the clear proposal. Tip: remember to leave time/budget for docs :) Jody Garnett On Fri, Oct 17, 2014 at 8:04 AM, Christian Mueller < christian.muel...@os-solutions.at> wrote: > > https://github.com/geoserver/geoserver/wiki/GSIP-120-REST-API-for-access-control > > Please commen

[Geoserver-devel] GSIP 120, REST API for access control

2014-10-17 Thread Christian Mueller
https://github.com/geoserver/geoserver/wiki/GSIP-120-REST-API-for-access-control Please comment and vote. Cheers -- DI Christian Mueller MSc (GIS), MSc (IT-Security) OSS Open Source Solutions GmbH -- Comprehensive Serve