deegree 3 developer meeting (2008/11/20)
Protocol by: MarkusSchneider
Some aspects of implementing security mechanisms in deegree3 have been clarified. A short-term solution is needed for communicating the common username/password pair to a web service (such as the WPS). This has to be added to the frontcontroller in the next two weeks. The communication of the credentials is realized by augmenting OGC requests (XML/KVP/SOAP) with additional parameters (comparable to deegree2):
- KVP: The additional parameters are added as standard KVP paramters to the request. NOTE: This affects both POST and GET communication.
XML: In deegree2, username/password attributes are appended to the root request element. In deegree3, the KVP-like approach (GET) is favored, i.e. the parameters are appended to the service URL http://...services?username=XYZ&password=XXX. The main benefit is that the request documents stay valid according to the OGC schemas.
- SOAP: The credentials are communicated using SOAP standard mechanisms, i.e. in the SOAP header.
An SVN module has been created for grid related deegree extensions. See http://wald.intevation.org/plugins/scmsvn/viewcvs.php/contrib/grid_computing/?root=deegree
3. Configuration change callback
It was agreed that it would be useful to implement a mechanism in deegree3 that informs registered clients on server configuration changes. Example use case: a running iGeoportal instance gets the information from it's WMS source that a certain layer is not available anymore. Thus, the application removes it from the layer list automatically.