WD-DALI-1.1-20160415
Markus Demleitner
msdemlei at ari.uni-heidelberg.de
Mon Apr 18 10:24:38 CEST 2016
Hi Pat,
On Fri, Apr 15, 2016 at 08:38:59AM -0700, Patrick Dowler wrote:
> Relaxing the restriction on VOSI-tables allows one to have both
> anonymous and authenticated resources. We have some case where project
> catalogues are served via tap but only visible to authorised users;
> only the tables the user is allowed to query show up in the
> VOSI-tables or tap_schema output (how: my problem :-). This is just to
> allow the freedom to do that.
So, what you're proposing is essentially something like
<capability standardID="ivo://ivoa.net/std/VOSI#tables">
<interface xsi:type="vs:ParamHTTP">
<accessURL use="full">.../tap/run/tables</accessURL>
</interface>
<interface xsi:type="vs:ParamHTTP">
<accessURL use="full">.../tap/run/tables-auth</accessURL>
<securityMethod standardID="ivo://example.com/auth#divination"/>
</interface>
</capability>
I see how this could work. I suspect it would help to have such an
example somewhere in the standard to explain the intention.
Ah well, I guess in the long run TAP clients won't be able to ignore
cabiblities once they want to run a query, so perhaps requiring them
to parse it to figure out where to pull table metadata from doesn't
really hurt.
Cheers,
Markus
More information about the dal
mailing list