Aggregate and appspot privacy

Hi everyone,

I've installed Aggregate onto Google's appspot, as per instructions, but it
seems through this method that anyone with a google account can log in and
access the data or modify the forms. We want privacy for our data and only
allow designated people to read or modify the data. Is it possible to
restrict access through appspot to only certain people, or if I set up my
own aggregate server, is it possible to restrict access to both reading and
modifying the collected data?

Thanks,
Emily

Emily,

User authentication is on our TODO list, but we are focused on setting a
standard that will work across all of the tools. We will be implementing
OpenRosa's new ServerRosa standard once it's finished, on all our tools (ODK
Collect, ODK Aggregate, etc.). Basically we are waiting for the OpenRosa
community to settle on the standard. For example, here is the proposed
authorization currently under debate:
http://bitbucket.org/javarosa/javarosa/wiki/AuthorizationAPI . The final
auth API we will use has to go through the JavaRosa community process. We
can't predict when that will be done, because it involves the coordination
of many groups.

Instead of implementing something that may be insecure and inconsistent
between tools, we opted not to claim security when it's not present.
Basically we want to do it correctly and not cause migration problems later.

Having said that, we recognize that you need something now, and so we have
made it easier for a developer to add custom security. To add additional
security in the v0.9.x code, all the servlets with security call the
verifyCredentials function in ServletUtilBase. Right now it just forces you
to log in; in the future it will do more. In the short run you can put
whatever security you want there. A developer can modify the
verifyCredentials function to do the checking he wants. For example, a simple
if (name.equals("Admin@gmail.com")) will work, because Google accounts
enforce the login and names, and you can just compare to verify the user is
someone you want.

The development team understands that this is something that needs to be
fixed, and it is near the top of our list. If you have specific suggestions
on what the proposed standard should be, please feel free to join the
discussion on JavaRosa. If you have specific concerns about how version 1.0
of Aggregate will implement security, let us know.

Cheers,
Waylon
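
The check Waylon describes, worked out as an added example (this is not ODK
Aggregate's own code, and the verifyCredentials signature, the Permission
enum and the allow-list contents are assumptions for illustration). It keeps
the idea of comparing the Google-account email against names you trust, but
splits read from modify access, as Emily asked for, normalises case before
comparing (a plain equals("Admin@gmail.com") silently fails if the account
comes back as admin@gmail.com), and sends a 403 to a logged-in user who is
not on the list rather than redirecting to login again:

```java
// Added example, not ODK Aggregate's code. Assumes App Engine's Users API and
// a servlet that calls verifyCredentials(...) before touching form data.
import java.io.IOException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserService;
import com.google.appengine.api.users.UserServiceFactory;

public final class ServletAccessCheck {

  /** What the calling servlet is about to do with the collected data. */
  public enum Permission { READ, MODIFY }

  // Allow-lists (constructed sample values). In a real deployment load these
  // from configuration or a datastore entity, not from source code.
  private static final Set<String> READERS =
      normalise("analyst@example.org", "Admin@gmail.com");
  private static final Set<String> EDITORS = normalise("Admin@gmail.com");

  /** Lower-case and trim once, so comparisons are case-insensitive. */
  private static Set<String> normalise(String... emails) {
    Set<String> s = new HashSet<String>();
    for (String e : emails) {
      s.add(e.trim().toLowerCase(Locale.ROOT));
    }
    return Collections.unmodifiableSet(s);
  }

  /** Pure decision: may this account perform the action? Blank email => no. */
  static boolean isAllowed(String email, Permission p) {
    if (email == null || email.trim().isEmpty()) {
      return false;
    }
    String key = email.trim().toLowerCase(Locale.ROOT);
    return p == Permission.MODIFY ? EDITORS.contains(key) : READERS.contains(key);
  }

  /**
   * Replacement for the "just force a login" check. Returns true when the
   * request may proceed. Otherwise the response has already been written and
   * the servlet must return without reading or changing any data.
   */
  public static boolean verifyCredentials(HttpServletRequest req,
                                          HttpServletResponse resp,
                                          Permission p) throws IOException {
    UserService users = UserServiceFactory.getUserService();
    if (!users.isUserLoggedIn()) {
      // Not authenticated: send to Google login, then back to this URL.
      resp.sendRedirect(users.createLoginURL(req.getRequestURI()));
      return false;
    }
    User u = users.getCurrentUser();
    if (!isAllowed(u.getEmail(), p)) {
      // Authenticated but not authorised: refuse. Redirecting to login here
      // would loop, since the account is already signed in.
      resp.sendError(HttpServletResponse.SC_FORBIDDEN,
                     "account not authorised for " + p);
      return false;
    }
    return true;
  }
}
```

A servlet would call it at the top of doGet or doPost, for example
`if (!ServletAccessCheck.verifyCredentials(req, resp, Permission.MODIFY)) return;`
on anything that uploads or edits forms, and with Permission.READ on the
download and view servlets. The decision itself lives in isAllowed, separate
from the servlet plumbing, so it can be unit-tested without App Engine.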

On Thu, Jul 29, 2010 at 5:05 PM, Emily Kumpel wrote: