I created some security settings on GeoServer, and also some users, with certain access restrictions.
However, I would not like to have to enter the login and password when calling the request to GeoServer (on the front end), for security reasons, considering that the layers are private.
Does anyone have any tips to give, how to do, in addition to the options below? I’m using the Google Maps Javascript API on the front end.
The application today is written in PHP and uses to authenticate only the session, does not use OAuth.
I am thinking of creating a proxy (in PHP) and using it in the PROXY_BASE_URL property, to filter the requests before reaching GeoServer, and validating the authentication through token.