Free and Open Source Software for Geomatics Conference FOSS4G 2010 Barcelona

Selected Presentations

Home > Presentations > Abstract details




 As Geographic Information Systems move more and more to the web there is a strong need to protect those systems.  While most systems various forms of basic security for a particular server or applications their usefulness typically looses potency when application suites are used together as an integrated system.  A fine example is a Cataloging service combined with several Web Mapping and Web Feature Services and an editing UI, certain aspects of the application must be secured while others do not need to be.  Some of the application may be Java-based and others Python or C based web applications.  


This talk describes an architecture for constructing such a system based on the powerful and open source technology and protocols: CAS, LDAP and Spring Security.  


CAS (Central Authentication Service)[1] is a very common and flexible single sign technology that can be used in a standalone manner or integration with Facebook Connect[2], LDAP[3],  OpenID[4], SAML[5] among others.


LDAP (Lightweight Directory Access Protocol) is a very commonly used user directory of which there are several open source solutions available.


Spring Security[6] is an industrial strength security system that has excellent integration with CAS and LDAP as well as many many other security solutions and is based on the Spring Framework[7].


This architecture is very flexible can be a launching point for developing many security solutions such as CAS with a Database backend or OpenID or Facebook Connect.










Jesse Eichar - Camptocamp SA


Download the slides in PDF version