[Geoserver-devel] New Community Module : External Web Authentication

+1

-Jukka Rahkonen-

Lähettäjä: Imran Rajjad <rajjad@…403…>
Lähetetty: perjantai 10. heinäkuuta 2020 14.31
Vastaanottaja: Geoserver-devel geoserver-devel@lists.sourceforge.net
Aihe: [Geoserver-devel] New Community Module : External Web Authentication

(attachments)

image.png
image.png
image.png

···

Dear List,

Introduction and Background:

This email is a proposal for a new Authentication module that can be used to integrate GeoServer with external HTTP Authentication endpoints. GeoServer already provides authentication via JDBC, LDAP. The new proposed module works similarly, as it queries an external URL to authenticate the user. There are multiple scenarios where GeoServer is deployed in environments having centralized authentication services. This community module is aimed at simplifying and streamlining this type integration.

Authentication :

The external HTTP endpoint will be configurable through known place holders {user} and {passowrd}. (e.g http://localhost:5000/auth?u={user}&p={password}. These placeholders will be substituted with credentials.

image.png

Authorization Options :

For services responding with roles, the module will parse the roles in response using a configured Regex expression.

image.png

Alternatively, an existing Role service can be selected to authorize a successfully authenticated user. By default the system level Role service will be used.

image.png

Looking forward to your valuable feedback and suggestions

regards,

Imran

– I.R