[Geoserver-devel] New Community Module : External Web Authentication

Dear List,

Introduction and Background:
This email is a proposal for a new Authentication module that can be used to integrate GeoServer with external HTTP Authentication endpoints. GeoServer already provides authentication via JDBC, LDAP. The new proposed module works similarly, as it queries an external URL to authenticate the user. There are multiple scenarios where GeoServer is deployed in environments having centralized authentication services. This community module is aimed at simplifying and streamlining this type integration.

Authentication :
The external HTTP endpoint will be configurable through known place holders {user} and {passowrd}. (e.g http://localhost:5000/auth?u={user}&p={password}. These placeholders will be substituted with credentials.

image.png

Authorization Options :

For services responding with roles, the module will parse the roles in response using a configured Regex expression.

image.png

Alternatively, an existing Role service can be selected to authorize a successfully authenticated user. By default the system level Role service will be used.

image.png

Looking forward to your valuable feedback and suggestions

regards,
Imran

– I.R

+1 from me

Ian

(attachments)

image.png
image.png
image.png

···

Ian Turton

+0

(attachments)

image.png
image.png
image.png

···

Regards,
Simone Giannecchini

GeoServer Professional Services from the experts!
Visit http://bit.ly/gs-services for more information.

Ing. Simone Giannecchini
@simogeo
Founder/Director

GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928

http://www.geo-solutions.it
http://twitter.com/geosolutions_it


Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia.

This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.

+0

(attachments)

image.png
image.png
image.png

···

Regards,
Nuno Oliveira

GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.

Nuno Miguel Carvalho Oliveira
@nmcoliveira
Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it


Con riferimento alla normativa sul trattamento dei dati
personali (Reg. UE 2016/679 - Regolamento generale sulla
protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto,
gli eventuali allegati, etc.) è un dato la cui conoscenza
è riservata al/i solo/i destinatario/i indicati dallo
scrivente. Se il messaggio Le è giunto per errore, è
tenuta/o a cancellarlo, ogni altra operazione è illecita.
Le sarei comunque grato se potesse darmene notizia.

This email is intended only for the person or entity to
which it is addressed and may contain information that
is privileged, confidential or otherwise protected from
disclosure. We remind that - as provided by European
Regulation 2016/679 “GDPR” - copying, dissemination or
use of this e-mail or the information herein by anyone
other than the intended recipient is prohibited. If you
have received this email by mistake, please notify
us immediately by telephone or e-mail.