We want to serve some sensible data. It's OK to give it openly as a rendered
WMS layer, but we can't affor sending the vector data related to it.
Nevertheless, to cete a WMS content render I need to create a Feature type
that is automatically available.
You should be able to disable wfs all together so that any wfs access results in an exception. From the welcome page go to Config -> WFS -> Contents and check off enabled.
Note that if you use GeoServer 1.7.x this did not work until 1.7.1 just released.
-Justin
marjancek wrote:
We want to serve some sensible data. It's OK to give it openly as a rendered
WMS layer, but we can't affor sending the vector data related to it.
Nevertheless, to cete a WMS content render I need to create a Feature type
that is automatically available.
Is there any way to hide this content??
Thank you very much.
Mariano.
--
Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.
Of course, I could have 2 intances of GeoServer, but I was hoping for
something simpler.
Is there any other way to block only a couple of WFS features?
Thanks a lot,
Mariano.
Justin Deoliveira-6 wrote:
Hi Mariano,
You should be able to disable wfs all together so that any wfs access
results in an exception. From the welcome page go to Config -> WFS ->
Contents and check off enabled.
Note that if you use GeoServer 1.7.x this did not work until 1.7.1 just
released.
-Justin
marjancek wrote:
We want to serve some sensible data. It's OK to give it openly as a
rendered
WMS layer, but we can't affor sending the vector data related to it.
Nevertheless, to cete a WMS content render I need to create a Feature
type
that is automatically available.
Is there any way to hide this content??
Thank you very much.
Mariano.
--
Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.
Of course, I could have 2 intances of GeoServer, but I was hoping for
something simpler.
Is there any other way to block only a couple of WFS features?
Nope, none at all. You can either stop a service request completely
using the service level security, or make a dataset read only,
but you cannot combine the two.
Where wms is always read_only, and you can set roles for wms(read), wfs read
and wfs write sparatelly, al all together (as in poly_places, where write
would imply wms and wfs read)
But more important than the sintaxis, is the implementation of such thing.
I know I could have the client authenticate, but that's exactly what I'm
trying to avoid.
Where wms is always read_only, and you can set roles for wms(read), wfs read
and wfs write sparatelly, al all together (as in poly_places, where write
would imply wms and wfs read)
But more important than the sintaxis, is the implementation of such thing.
Implementation wise someone would have to modify
DefaultDataAccessManager and SecureTreeNode classes in the GeoServer
"main" module to consider the current service being used, something we
don't have as a straight parameter but it's available as a thread
local calling Dispatcher.REQUEST.get()
If you have enough java programming compentence in your organisation
that should get you started (if you need more details just ask,
either here on on IRC, GeoServer channel).
Implementation wise someone would have to modify
DefaultDataAccessManager and SecureTreeNode classes in the GeoServer
"main" module to consider the current service being used, something we
don't have as a straight parameter but it's available as a thread
local calling Dispatcher.REQUEST.get()
If you have enough java programming compentence in your organisation
that should get you started (if you need more details just ask,
either here on on IRC, GeoServer channel).
I guess we could get our hands dirty with the code, but probably the simples
solution will be to have a service to pass the requests to GeoServer, only
if it's requesting public information. That will give as much more
flexibility if we wish to implement some IP-based premissions, or anything
else.
