Changes between Version 3 and Version 4 of MapGuideRfc20


Ignore:
Timestamp:
05/07/07 10:20:08 (18 years ago)
Author:
trevorwekel
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • MapGuideRfc20

    v3 v4  
    1 TBD
     1= !MapGuide RFC 20 - Concurrent FDO provider connections =
     2
     3This page contains a change request (RFC) for the !MapGuide Open Source project. 
     4More !MapGuide RFCs can be found on the [wiki:MapGuideRfcs RFCs] page.
     5
     6
     7== Status ==
     8 
     9||RFC Template Version||(1.0)||
     10||Submission Date||May 7, 2007||
     11||Last Modified||Trevor Wekel [[Timestamp]]||
     12||Author||Trevor Wekel||
     13||RFC Status||not ready for review||
     14||Implementation Status||not implemented||
     15||Proposed Milestone||1.2||
     16||Assigned PSC guide(s)||||
     17||'''Voting History'''||||
     18||+1||||
     19||+0||||
     20||-0||||
     21||-1||||
     22 
     23== Overview ==
     24
     25This RFC exposes existing functionality within !MapGuide to allow the MapGuide session identifier to be used to obtain userid, group, and role information for the user associated with the session identifier.
     26
     27== Motivation ==
     28
     29User, group and role information has to be currently maintained by the web applications.  Adding this functionality will make web applications easier to develop and has been requested by a number of users.
     30
     31== Proposed Solution ==
     32
     33
     34Expose the API:
     35
     36STRING MgUserInformation::GetUserName()
     37
     38MgByteReader* MgSite::EnumerateGroups( CREFSTRING user, CREFSTRING role );
     39MgStringCollection* MgSite::EnumerateRoles( CREFSTRING user, CREFSTRING group );
     40
     41
     42Make the following internal changes:
     43
     44Append the username (hex encoded) to the session identifier when it is created.  Modify permissions on EnumerateGroups and EnumerateRoles so that a user can enumerate his own groups and roles.
     45
     46== Implications ==
     47
     48This RFC is strictly an API enhancement.  Having the userid contained in the session identifier makes MapGuide a little less secure.  However, stealing a session identifier will compromise the user so the damage has already been done.
     49
     50== Test Plan ==
     51
     52Write a simple app to verify that standard users can access their own groups and roles.  Also validate that non-Author and non-Admin users do not have access to other groups and roles.
     53
     54== Funding/Resources ==
     55
     56Autodesk to provide resources / funding.