Hi Andrea, now I am confused. I thought we are talking about the following optional feature:
If an authenticated user originates a request geoservers sends back the roles of THIS user in a http response header attribute. If no user is authenticated and anonymous authentication is allowed, geoserver sends back ROLE_ANONYMOUS There is no direct relation to user/role databases. You cannot query the roles of other users. (Security disaster) I thought about injecting a servlet filter. A use case would be to have a dynamic web front end showing/hiding html components depending on the roles of the authenticated user. Cheers Christian Zitat von Andrea Aime <[email protected]>: > On Mon, Feb 13, 2012 at 8:37 AM, <[email protected]> wrote: > >> Hi Andrea, next question >> >> Does it make sense to offer this feature for administrative tasks (GUI or >> REST). I think not but I am quite unsure. > > > GUI wise we already have it no? > REST wise, I believe so. > > What I'm wondering is, how does this play with the ability to plug in other > user databases? > In an ideal world I guess the GUI/REST interfaces should gracefully disable > themselves, > maybe with some plugins they can be read only, for others completely shut > down? > > I mean, theoretically one user source does not have a reason to let you > browse the full > set of users, though it would be nice to, the same goes for the ability to > edit them. > > Cheers > Andrea > > -- > ------------------------------------------------------- > Ing. Andrea Aime > GeoSolutions S.A.S. > Tech lead > > Via Poggio alle Viti 1187 > 55054 Massarosa (LU) > Italy > > phone: +39 0584 962313 > fax: +39 0584 962313 > mob: +39 339 8844549 > > http://www.geo-solutions.it > http://geo-solutions.blogspot.com/ > http://www.youtube.com/user/GeoSolutionsIT > http://www.linkedin.com/in/andreaaime > http://twitter.com/geowolf > > ------------------------------------------------------- > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
