[ka-Map-users] Proposal to add access control to ka-map
Daniel Morissette
dmorissette at mapgears.com
Wed Jul 5 09:19:23 EDT 2006
Lorenzo Becchi wrote:
> Daniel, good work!
>
> > It should be possible to
> > * write a drop-in replacement for this file to different access control
> > * mechanisms.
> >
>
> do you already planned something?
> is it already working? or better, do you already deployed an
> application with this feature?
>
Nothing deployed with this feature yet, but we have a customer who needs
this for their site. An alternate drop-in replacement we could think of
could be to lookup the user privileges in a LDAP server instead of using
metadata in the mapfile for instance.
> what do you think are actual limitations?
>
> Using apache for access control is maybe the most secure approach even
> if it is a little tricky (you still have to do htaccess files and so on).
> Adding or deleting user is not so simple for everybody and is not
> application related (depending on which apache solution you use).
> With Andrea we use PHP SessionId for the query system and this is a
> feature that could be set in kamap obj to manage also other functions
> like access control.
Is there session management stuff in the ka-Map code in CVS already? If
yes then I should probably look at it and see if we could cache the user
privilege info in the session instead of looking it up on every hit.
Daniel
--
Daniel Morissette
http://www.mapgears.com/
More information about the ka-Map-users
mailing list