Brian Moseley talked to us this morning about the work on designing a server for sharing calendaring and other items. This is a separate, but coordinated, project within OSAF. The server is called Cosmo.
Brian’s presentation slides are here.
It’s interesting to see OSAF move closer over time to a more server-oriented view of the world. Of course, those of us in the CSG have been trying to tell them all along that servers make a lot of sense 🙂
Why a sharing server? More than a file server but not a content management service – it’s “content aware”.
Cosmo is being built on the Java/J2EE platform, instead of in Python like Chandler.
They decided to use the Java Content Repository (JCR) as a base, rather than Slide. Apache’s Jackrabbit is the reference implementation, incubating at Apache
– in pre-alpha
– provides core implementation of JCR interfaces.
– stateful repository server
– Analagous to JDBC but non-relational
– allows abstraction of content store from server, unlike Slide
– “Content repository API for Java”
– main query structure is xpath
They’re using the Spring Framework for lots of functionality.
for security they’re using Acegi Security Framework
– built on top of spring
– security of channel?
– where do we send user if unauthenticated logins come in?
– handles role-based authorization and ACL authorization
– secures both the web layer and the JCR repository
DAV: Jackrabbit jcr-server
Jacrabbit jcr server provides a simple WebDAV servlet
Cosmo extends jcr-server to:
– incorporate Spring for config and depndency
– secure access to the JCR repository via Acegi
– will implement CalDAV
– will ticket based access control
Mechanisms under consideration: LDAP, SQL, CAS, Shib, others?
Providing a simple Cosmo interface for external auth plugins
Cosmo user management API for synchronizing with external user databases.
There will be an interface for automatically synching accounts with external data sources e.g. with LDAP.
Cosmo 0.2 planned for release with Chandler 0.6. Won’t include external authentication, but will include:
– Account self-management
– ticket-based security
– iCal interop
– CalDAV interop