FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH L-16: deegree iGeosecurity - Access Control for OGC.

Slides:

Advertisements

Ähnliche Präsentationen

R. Zankl – Ch. Oelschlegel – M. Schüler – M. Karg – H. Obermayer R. Gottanka – F. Rösch – P. Keidler – A. Spangler th Expert Meeting Business.

Advertisements

An OGC Standards Driven Geodata Online Access for DLRs National Remote Sensing Data Library (NRSDL) Torsten Heinen German Remote Sensing Data Center (DLR/DFD)

Vorlesung: 1 Betriebliche Informationssysteme 2003 Prof. Dr. G. Hellberg Studiengang Informatik FHDW Vorlesung: Betriebliche Informationssysteme Teil 5.

Can you think of some KEY phrases which would be useful in multiple contexts? Take 2 minutes with a partner and come up with as many as you can!

Abkürzungen mit Präpositionen German Prepositional Contractions

GIS Web Services mit Geoserver Oliver Archner BayCEER 2010.

| DC-IAP/SVC3 | © Bosch Rexroth Pneumatics GmbH This document, as well as the data, specifications and other information set forth in.

| Basel Von der SharePoint Taskliste zum gemanagten Project in Project Server Luca Argentiero Solution Specialist Microsoft

Wortschatz angenehm comfortable anstrengend tiring ausgezeichnet outstanding bequem comfortable berühmt famous besser better blöd stupid einfach easy fantastisch.

Microsoft Dynamics NAV 2009

You need to use your mouse to see this presentation © Heidi Behrens.

Wortschatz der Schulhof the playground die Aula the hall

Ein Projekt des Technischen Jugendfreizeit- und Bildungsvereins (tjfbv) e.V. kommunizieren.de Blended Learning for people with disabilities.

You need to use your mouse to see this presentation © Heidi Behrens.

Institut für Angewandte Mikroelektronik und Datentechnik Course and contest Results of Phase Selected Topics in VLSI Design (Module 24513) ©

Institut für Angewandte Mikroelektronik und Datentechnik Phase 5 Architectural impact on ASIC and FPGA Nils Büscher Selected Topics in VLSI Design (Module.

Weak pushover verbs..... lieben kaufen spielen suchen....are verbs that do exactly as they are told. They stick to a regular pattern that does not change!

SiPass standalone.

Stephanie Müller, Rechtswissenschaftliches Institut, Universität Zürich, Rämistrasse 74/17, 8001 Zürich, Criminal liability.

Ralf M. Schnell Technical Evangelist Microsoft Deutschland GmbH

Literary Machines, zusammengestellt für ::COLLABOR:: von H. Mittendorfer Literary MACHINES 1980 bis 1987, by Theodor Holm NELSON ISBN

Akkusativ Präpositionen

FTS usage at GridKa Forschungszentrum Karlsruhe GmbH

Arbeiten in einem agilen Team mit VS & TFS 11

Welcome to Web Services & Grid Computing Jens Mache

Managing Internationalisation Patricia Adam © UVK Verlagsgesellschaft mbH, Konstanz und München Slides Chapter 7 Patricia Adam Managing Internationalisation.

Physik multimedial Lehr- und Lernmodule für das Studium der Physik als Nebenfach Julika Mimkes: Links to e-learning content for.

6 Prepositions with ACCUSATIVE

The Journey to America… The Immigrant Experience.

COMMANDS imperative 1. you (formal): Sie 2. you (familiar plural): ihr

Studentenstreik 2009, 2010 in Deutschland Part 1: Studiengebühren.

Gregor Graf Oracle Portal (Part of the Oracle Application Server 9i) Gregor Graf (2001,2002)

© Crown copyright 2011, Department for Education These materials have been designed to be reproduced for internal circulation, research and teaching or.

You need to use your mouse to see this presentation © Heidi Behrens.

EUROPÄISCHE GEMEINSCHAFT Europäischer Sozialfonds EUROPÄISCHE GEMEINSCHAFT Europäischer Fonds für Regionale Entwicklung Workpackage 5 – guidelines Tasks.

Berliner Elektronenspeicherring-Gesellschaft für Synchrotronstrahlung m.b.H., Albert-Einstein-Straße 15, Berlin frontend control at BESSY R. Fleischhauer.

D. Sturzebecher, Institut für Betriebssysteme und Rechnerverbund, TU-Braunschweig Tele-Teaching with MACS n Tele-Teaching Requirements and Scenarios n.

Here‘s what we‘ll do... Talk to the person sitting in front of you. Introduce each other, and ask each other questions concerning the information on your.

EUROPÄISCHE GEMEINSCHAFT Europäischer Sozialfonds EUROPÄISCHE GEMEINSCHAFT Europäischer Fonds für Regionale Entwicklung Workpackage 5 – guidelines Tasks.

Großvater Großmutter Großvater Großmutter Tante/Onkel Vater Mutter.

JaGo Ja va Framework for G e o graphical Information Systems Prof. Dr. Klaus Greve Dr. Andreas Poth TZ GIS i.G.

Standort assurance for companies Industrie- und Handelskammer Lippe zu Detmold 01. Juni 2010 Seite 1 What does the IHK do against the crisis?

1Crypto AG / P_M_HC-2650-Course-Notes-d_0833_rd.PPT Training and Education HC-2650 Kursunterlagen.

Technische Universität München Alexander Neidhardt Forschungseinrichtung Satellitengeodäsie 1 Concepts for remote control of VLBI-telescopes: on the way.

Essay structure Example: Die fetten Jahre sind vorbei: Was passiert auf der Almhütte? Welche Bedeutung hat sie für jede der vier Personen? Intro: One or.

© Boardworks Ltd of 8 © Boardworks Ltd of 8 This icon indicates that the slide contains activities created in Flash. These activities are not.

LLP DE-COMENIUS-CMP Dieses Projekt wurde mit Unterstützung der Europäischen Kommission finanziert. Die Verantwortung für den Inhalt dieser.

Interrogatives and Verbs

Workshop 5 TMC 2016 Gregor Glinka

Mapbender Workshop Astrid Emde Christoph Baudson FOSS4G Barcelona 2010.

Workshop 1 Getting Started 2016 Boris Wylutzki

Apache Camel Christian Schneider

„Unsere Kompetenz – Ihr Nutzen.“

Premiere Conferencing GmbH

OAuth 2.0 Ralf Hoffmann 03 / 2017

Volume 1, Chapter 8.

Prof. Dr.-Ing. Franz-Josef Behr Geodaten und Datenmodell

Felicity Lawson and John Finney EMMAUS-Tagungen Frühjahr 2007

Brainstorming model hierarchy? [ich glaube nicht, dass wir eine Hierarchie definieren können; Gruppen ja] Core Model, technology specific models, purpose.

Cape Cod-Seminar Dr. Bernd Schmid July 2013

Metadata - Catalogues and Digitised works

You need to use your mouse to see this presentation

Official Statistics Web Cartography in Germany − Regional Statistics, Federal and European Elections, Future Activities − Joint Working Party meeting.

OFFICE 365 FOCUS SESSION SHAREPOINT ONLINE 101:LERNE DIE BASICS 19. März 2018 Höhr-Grenzhausen.

Integrating Knowledge Discovery into Knowledge Management

Practical Exercises and Theory

Niedersächsisches Ministerium

- moodle – a internet based learning platform

Präsentation transkript:

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH L-16: deegree iGeosecurity - Access Control for OGC Web Services Hans Plum

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH ● Spin-Off University of Bonn, Nov ● SDI/OGC/ISO Competence + Free Software ● Consulting, Software development, Training ● deegree – Open Source implementation of several OGC/ISO-Standards ● Active OGC-Member ● Partner: Delphi IMM, EMPRISE, GDF, Intevation, map Topomatik lat/lon – short introduction

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Agenda ● Overview and Motivation ● Open SDIs & deegree – hands-on intro to deegree OWS and clients ● Secured SDIs & deegree – hands-on intro to deegree iGeoSecurity ● Questions & Comments

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Our Use Case ● John is allowed to see the entire WMS layer for endangered species ● Laura can just access the map layer for endangered species within a buffer of 20 km around the lake ● Hillary is allowed to insert new endangered species via the WFS; John and Laura are not allowed to.

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Architecture of a SDI Gazetteer OGC-Clients Catalogue WMS WCS WFS WMPS WTS/WPV S WFS-t

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH SDI for the Lab OGC-Clients WMS WFS WFS-t

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Inside deegree ● all applications are implemented as Java Servlets depending on the Java Servlet standard: – common directory structure and relevant files: ● WEB-INF/web.xml (Initialising web application) ● WEB-INF/classes/log4j.properties (Logging) ● WEB-INF/conf/[wms | igeoportal | security | wass] ● WEB-INF/lib (Java libraries)

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Inside deegree iGeoPortal std. edt. ● generator-based GUI creation: From enhanced OGC Web Map Context to HTML via XSLT ( webapps/igeoportal/WEB-INF/conf/igeoportal/wmc_start_utah.xml ) ● Arranging modules (functionality) in North, East, South, West, Central (next slide) ● Task: Switch modules of East to West and vv. ● Task: Make Layer „airports“ non-queryable

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH GUI structure

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Using OpenJUMP as WFS Client ● OpenJUMP with deegree WFSPlugIn supporting WFS (read) and WFS (read/write) access OpenJUMP WMS WFS WFS-t ShapeFiles WMS PostGIS DB

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH OGC interfaces in SDIs ● Interoperability of maps and vector data – everybody has access; no restrictions intended (Open Geospatial Consortium) ● but everybody could manipulate data through according OGC interfaces ● How to manage access control for OGC services?

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Managing Access Control OGC-Clients WMS WFS WFS-t iGeoSecurity:owsProxy

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH deegree owsProxy: Hiding OWS ● transparent facade in front of WMS, WFS, CSW ● supporting different authentication methods (Who?) ● supporting authorization (What?) static and user- dependent ● Task: Deploy owsProxy ● Task: Check WMS Capabilities for anonymous user, laura/laura and john/john manually ( ● Task: Login into iGeoPortal as john/john

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Inside deegree owsProxy ● OWS to hide: webapps/owsproxy/WEB-INF/web.xml ● Authorization: webapps/owsproxy/WEB- INF/conf/security/w?spolicy.xml ● Authentication: webapps/owsproxy/WEB- INF/conf/security/authentication.xml

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Authentication ● decoupling of creation and testing of credentials ● 3 rd parties/applications can use it ● developed from a SDI NRW standard; proposed at OGC ● Supporting operations GetSession/CloseSession – deegree DescribeUser ● Task: Deploy deegree-was and check according requests

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH owsProxy – Web Authentication S. OGC-Clients WMS WFS WFS-t iGeoSecurity:owsProxy WAS

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Authorization: Administration ● Defining: ● Users ● Groups (Aggregation of Users and Groups) ● Rights (GetMap on Layer A allowed?) ● Roles (Aggregation of Groups and Rights) ● Task: Deploy rights management deegree-u3r ● Task: Add user Paul and give him rights for layer endangered_species

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Authorization: User, Rights, Roles, Ressources (U3R) OGC-Clients WMS WFS WFS-t iGeoSecurity:owsProxy WAS Postgres DB ShapeFiles PostGIS DB U3R

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH iGeoPortal and owsProxy/WAS ● Task: Checkout the communication between iGeoPortal and owsProxy and WAS

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH WFS and owsProxy ● Task: Use OpenJUMP as WFS Client against featuretype endangered_species for user hillary/hillary

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Info Flow in enterprise SDI OGC-Clients WMS WFS WFS-t iGeoSecurity:owsProxy WAS Postgres DB ShapeFiles PostGIS DB U3R

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH Outlook ● Securing the communication via Web Security Service ● Securing communication via Inteproxy (a client-based tunnel application) ● Billing users via OSAAS

FOSS4G 2007, Victoria L-16 deegree iGeoSecurity gesellschaft für raumbezogene informationssysteme mbH L-16: deegree iGeosecurity - Access Control for OGC Web Services Hans Plum