Hi Andrea,
What do you mean by “normally”? Where’s the exception? :-p
I know, not doing “security by obscurity” is no good idea.
Actually, I do not authenticate every single user in GeoServer. If we’re using WFS with security/authentication, we use the same “service account” for all clients, so I’m not able to identify different users. Also, I cannot use the client’s IP address, since they use DHCP and addresses may change over time (additionally, all VPN-connected users share a complete different subnet…). So, AFAIK, with GeoFence as well as with GS built-in security it’s difficult to target specific users while using a single service account.
After all, I was just looking for a really simple solution w/o the need to implement a full blown user and right management (e.g. making all 500+ users known to GeoServer). Finally, the customer is likely not willing to pay for such a huge change, while a simpler solution exists…
Customer: “… just remove that link… cannot be that difficult…”
Me: “no, it’s simple, but maintainers dislike…”
So, I can understand both sides. Nevertheless, I’m screwed, since, at the end, I cannot implement any solution for the problem.
What if this change (remove anonymous Layer Preview) will have nothing to do with security? It’s just an UI tweak/improvement? Like Jody’s recent Start Page overhaul?
I still I believe a context property in web.xml could do the job:
ANONYMOUS_LAYER_PREVIEW_ACCESS
false
I could swear, that, some years ago, I managed to remove the Layer Preview menu item from anonymous start page with a simple setting. I found that in, either the documentation or wherever… Unfortunately, I cannot remember exactly. However, it worked in those days. Can you remember whether such a setting was present in an older version?
Regards,
Carsten