[Geoserver-users] geoserver and layers security

Hello all,

I wanna to ask how can I add a security key or any credentials to my layers on geoserver?
As I want to protect my layers from being hacked on the web

Thanks,

Marwa Elsaid

2011/3/2 marwa El-said <melsaid2009@anonymised.com>

Hello all,

I wanna to ask how can I add a security key or any credentials to my layers on geoserver?
As I want to protect my layers from being hacked on the web

What do you mean when you say “layers being hacked”? Do you mean viewed it then
http://suite.opengeo.org/docs/geoserver/security/sec_layer.html explains how but if you mean changed then just changing the admin password should be fine.

Ian

Ian Turton

2011/3/2 marwa El-said <melsaid2009@anonymised.com>

Hello all,

I wanna to ask how can I add a security key or any credentials to my layers on geoserver?

By reading the documentation and applying its contents :slight_smile:

http://docs.geoserver.org/stable/en/user/security/index.html

Or if you just don’t need WFS-T, disable it in the WFS configuration (switch to the basic profile)

Cheers
Andrea

Ing. Andrea Aime
GeoSolutions S.A.S.
Tech lead

Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: +39 0584 962313
fax: +39 0584 962313
mob: +39 333 8128928

http://www.geo-solutions.it
http://geo-solutions.blogspot.com/
http://www.youtube.com/user/GeoSolutionsIT
http://www.linkedin.com/in/andreaaime
http://twitter.com/geowolf


Hello all,

I mean that I wann to add a key to my map to prevent any one from streaming my maps and using it for any other purpose
How can I add key to my maps on geoserver like google maps API key or something similar to this.

Regards,

Marwa Elsaid


Date: Wed, 2 Mar 2011 14:11:58 -0500
Subject: Re: [Geoserver-users] geoserver and layers security
From: ijturton@anonymised.com
To: melsaid2009@anonymised.com
CC: geoserver-users@lists.sourceforge.net

2011/3/2 marwa El-said <melsaid2009@anonymised.com>

Hello all,

I wanna to ask how can I add a security key or any credentials to my layers on geoserver?
As I want to protect my layers from being hacked on the web

What do you mean when you say “layers being hacked”? Do you mean viewed it then
http://suite.opengeo.org/docs/geoserver/security/sec_layer.html explains how but if you mean changed then just changing the admin password should be fine.

Ian

Ian Turton

Hello Marwa,

Did you get a reply about this? We’re also interested in a solution.

Not sure how Google Maps works exactly, but one approach is to set up a proxy server which interrogates the HTTP_REFERER field in the request header, and only forwards the request to Geoserver if this reflects the domain from which your client was served. Of course, this could be spoofed, but it would prevent all but the most determined developer. In fact, we’re thinking of using this technique to set up a Geoserver login session (to mimic a user/password entry), which would handle the authentication from then on.

It would be interesting if anyone knew how the domain-specific authentication works for Google Maps…?

Andy