How to put Geoserver layers behind authentication?
I want to publish map layers using Geoserver and Qgis to consult them through WMS/WFS/WCS services. I’m bit lost when it comes to authentication possibilities. What I want is to create different users that will, by logging with their own name and password, be directed either to they own map window through OpenLayer or get access through an OGC service, by using the same password.
How can this securely done so that none of my users will be able to access each other’s layers?
best regards.
Marco
Hi Marco,
there are several options of authenticating to Geoserver. The main ones are:
- using default usergroup services that store user/groups information on xml files
- using a database for the same purpose
- using an external LDAP repo
Usually the approach you chose depends on whether you need to share the authentication with other applications other than Geoserver (for example you name OpenLayers based apps).
A common method in this case is to use LDAP, that you can configure both in Geoserver and the container of other applications (Tomcat or Apache HTTPD for example).
Other more complex scenarios include using CAS for single sign on services (Geoserver has an optional extension for CAS support) or Shibboleth.
After configuring authentication, you will also need to configure access rules to services (wms, wfs, wcs) and layers from the GeoServer Admin UI.
Mauro
···
2014-05-21 9:29 GMT+02:00 marco casella <mcasella03@anonymised.com>:
How to put Geoserver layers behind authentication?
I want to publish map layers using Geoserver and Qgis to consult them through WMS/WFS/WCS services. I’m bit lost when it comes to authentication possibilities. What I want is to create different users that will, by logging with their own name and password, be directed either to they own map window through OpenLayer or get access through an OGC service, by using the same password.
How can this securely done so that none of my users will be able to access each other’s layers?
best regards.
Marco
“Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free.”
http://p.sf.net/sfu/SauceLabs
Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Hi
I am also interested in using an authentication to connect a website to
GeoServer layers. Would LDAP be the only way to use the layers in a web map
built with OpenLayers? I have users and roles already in place in GeoServer
and I would like the the users to log in from the web site and connect with
the layers they have been assigned. I only need them to be able to view and
query the layers in the application, no write access.
I am fairly new to the authentication and the server side of things and
would like to learn more about it. Can you point me to any tutorials or
individuals that may be able to help with this?
-Leslie
--
View this message in context: http://osgeo-org.1560.x6.nabble.com/Authentication-issue-tp5141565p5142211.html
Sent from the GeoServer - User mailing list archive at Nabble.com.
Hi Leslie
No, LDAP is not the only way. As an example, you can use Basic Auth with Open Layers, look herehttp://osgeo-org.1560.x6.nabble.com/Load-GeoServer-WMS-secured-layers-with-OpenLayers-td3919938.html
There are other possibilities beyond the proposals from Mauro.
J2EE Authentication
Digest Auth
Proxy Auth
Certilficates
It depends on your requirements.
Christian
···
On Fri, May 23, 2014 at 7:10 PM, Leslie Purgason <leslie.purgason@anonymised.com> wrote:
Hi
I am also interested in using an authentication to connect a website to
GeoServer layers. Would LDAP be the only way to use the layers in a web map
built with OpenLayers? I have users and roles already in place in GeoServer
and I would like the the users to log in from the web site and connect with
the layers they have been assigned. I only need them to be able to view and
query the layers in the application, no write access.
I am fairly new to the authentication and the server side of things and
would like to learn more about it. Can you point me to any tutorials or
individuals that may be able to help with this?
-Leslie
–
View this message in context: http://osgeo-org.1560.x6.nabble.com/Authentication-issue-tp5141565p5142211.html
Sent from the GeoServer - User mailing list archive at Nabble.com.
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
–
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH