wiki:proposals/ImprovedSecurityArchitecture

Version 2 (modified by heikki, 14 years ago) ( diff )

--

Proposal title

Date 2010/12/15
Contact(s) Heikki Doeleman & Jose Garcia
Last edited 2010/12/15
Status Draft In Progress
Assigned to release 2.7
Resources Nordic countries (Denmark, Finland, Norway and Sweden)

Overview

Short description of the improvement proposal. ...

Proposal Type

  • Type: GUI Change, Core Change, Module Change, Guideline and project governance procedures, ...
  • App: GeoNetwork or !Intermap
  • Module: eg. Harvester, Kernel, Data Manager, Metadata Import, Lucene Index, Search Interface ...
  • Documents:
  • Email discussions:
  • Other wiki discussions:

Voting History

  • Vote proposed by X on Y, result was +/-n (m non-voting members).

Motivations

This document describes the architecture we propose to enable and enhance the use of various security providers with GeoNetwork opensource. We will give an overview of the current way of dealing with security in GeoNetwork 2.x and GeoNetwork 3.x, after which we will present this proposal in more detail.

This proposal entails the use of Spring Security, a well-known framework that supports the use of one or several security providers. It also entails the introduction of a dedicated GN security component (GAAP), which is already in use in GeoNetwork 3.x, into GeoNetwork 2.x.

current situation in GeoNetwork 2.x

This section describes the implementation of authentication and authorization in the current releases of GeoNetwork 2.x (as also in trunk).

Users and Groups

GeoNetwork maintains DBMS tables for Users and Groups. A User is an entity that can log in, log out, has a Profile (this is best understood as a Role), and is part of one or more Groups. Access to metadata is restricted by Profile and Group. The Group privileges to access a metadata are stored in a DBMS table and also in the Lucene index. In the code these access privileges are overridden by checking on Profile (esp. Users with Profile "Administrator" are permitted access to all metadata). The metadata access is further specified in access types (View, Edit, and a few other ones).

LDAP

It is possible to configure an external LDAP security provider. In this case, after a successful login, the User information obtained from LDAP is temporarily inserted into the GeoNetwork Users DBMS table. When the session ends (upon logout or expiration) they remain in the database. It is not possible to configure more than one LDAP provider.

current situation in GeoNetwork 3.x

This section describes the implementation of authentication and authorization in the current branch of GeoNetwork 3.x.

In GeoNetwork 3.x the picture is slightly changed because of the introduction of a new, separate Web application, GeoNetwork CSW/ebRIM. This application restricts access to its ebRIM metadata based on the privileges for the ISO19139 metadata (in "Legacy" GeoNetwork) that the ebRIM metadata was created for. In order to separate concerns an extra new Web application was introduced, GAAP (GeoNetwork Authentication & Authorization Application).

The GeoNetwork Users and Groups DBMS tables, as well as the metadata privileges table in GeoNetwork 3.x are moved to GAAP. GeoNetwork CSW/ebRIM consults GAAP to control access to its ebRIM metadata. Legacy GeoNetwork consults GAAP to control access to its metadata.

outline of proposed changes

This section summarizes our proposed changes. The changes are intended to:

  • allow for the use of more than one authentication provider, simultaneously
  • add support for SAML-based authentication (Single-Sign On)
  • allow for the use of other types of external security providers
  • improve on the implementation when using GeoNetwork Authentication and/or one or more external security providers
  • improve performance as compared to the current GeoNetwork 3.x code
  • The proposal involves the introduction of GAAP in GeoNetwork 2.x and modifications to the working of GAAP and Legacy GeoNetwork.

Proposal

An in depth proposal can be found here : link ...

Backwards Compatibility Issues

New libraries added

Explain which and why new libraries are required for that proposal ...

Risks

Participants

  • List of participants and role (if necessary) in current GIP

Attachments (7)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.