Girder: a data management platform
What is Girder?
Girder is a free and open source web-baseddata management platform, developed byKitware. What doesthat mean? Girder is both a standalone application and a platform for building new webservices. It’s meant to enable quick and easy construction of web applicationsthat have some or all of the following requirements:
- Data organization and dissemination
Many web applications need to manage data that are dynamically provided byusers of the system, or exposed through external data services. Girder makesconstruction and organization of dynamic data hierarchies simple. One ofthe most powerful aspects of Girder is that it can transparently store, serve,and proxy data from heterogeneous backend storage engines through a single RESTfulweb API, including local filesystems, MongoDB databases, Amazon S3-compliantkey-value stores, and Hadoop Distributed Filesystems (HDFS).
- User management & authentication
Girder also includes everything needed for pluggable user management andauthentication out of the box and adheres to best practices in web security.The system can be configured to securely store credentials itself, or deferto third-party authentication services such as OAuth or LDAP.
- Authorization management
Girder supports a simple access control scheme that allows both user-basedand role-based access control on resources managed in the system. The projecthas undergone rigorous security audits and has extensive automated testingto exercise authorization behavior and ensure correctness.
For an overview of the concepts present in Girder, we recommend checking out theUser Guide.
Girder is published under the Apache 2.0 License. Its source code can be found athttps://github.com/girder/girder.
The architecture
Girder’s server-side architecture is focused around the construction of RESTfulweb APIs to afford minimal coupling between the backend services and thefrontend clients. This decoupling allows multiple clients all to use the sameserver-side interface. While Girder does contain its own single-page javascriptweb application, the system can be used by any HTTP-capable client, either insideor outside of the web browser environment. Girder can even be run without itsfront-end application present at all, only serving the web API routes.
The web API is mostly used to interact with resources that are represented bymodelsin the system. Models internally interact with a Mongo database to store andretrieve persistent records. The models contain methods for creating, changing,retrieving, and deleting those records. The core Girder modeltypes are described in theConcepts section of the user guide.
The primary method of customizing and extending Girder is via the development ofplugins, the process of which is described in thePlugin Developmentsection of this documentation. Plugins can, for example, add new REST routes,modify or remove existing ones, serve up a different web application from the serverroot, hook into model lifecycle events or specific API calls, override authenticationbehavior to support new authentication services or protocols, add a new backendstorage engine for file storage, or even interact with a completely different DBMSto persist system records – the extent to which plugins are allowed to modify andextend the core system behavior is nearly limitless.
Plugins are self-contained in their own directory within the Girder source tree.Therefore they can reside in their own separate source repository, and are installedby simply copying the plugin source tree under an existing Girder installation’splugins directory. The Girder repository contains several generallyuseful plugins out of the box, which are described in thePlugins section.