All,
In hunting around this some more, I’ve found a thread from a year ago around this thing (Enabling only WMS on selected layers), quote below:
That unfortunately it’s not possible using the build-in security subsystem of GeoServer, it requires a way to express a security rule that involves at the same time layer and service.
There are two security plugins that can do that, one is publicly available, GeoShield, but it hasn’t reached the 1.0 release level and I haven’t seen any news in a long while […]. The other is called GeoFence (formerly GeoRepository) and has been offered so far as a bonus in GeoServer commercial support contracts…
Can anyone advise if this is still the case and if the options to achieve the below is only using something like GeoFence or GeoShield?
Many thanks, any feedback greatly appreciated.
Rob
From: Langford, Robert [mailto:Robert.Langford@…5490…]
Sent: 12 March 2014 15:51
To: ‘geoserver-users@lists.sourceforge.net’
Subject: [Geoserver-users] Restricting WFS access to a Workspace
Hi all,
Not sure if I’m missing something obvious, but I cannot work out how to do this simply.
Simplified desired outcome:
· 2 different Workspaces (with different multiple layers, stores, etc): WS_PUBLIC & WS_PRIVATE
· WS_PUBLIC, with:
o “read” access only
o WMS: enabled and accessible to all anonymously
o WFS: enabled and accessible to all anonymously
· WS_PRIVATE, with:
o “read” access only
o WMS: enabled and accessible to all anonymously
o WFS: enabled but with restricted access
Is this easily possible using Geoserver’s Security settings, what can anyone recommend?
I know that I could clone WS_PRIVATE and make one WMS only and open, then lock down the other with the Geoserver’s “Data Security” and enable WFS on it. However I’d prefer to avoid any duplication if possible.
Many thanks,
Rob
<br>DISCLAIMER: The information contained in this communication/message from [Robert.Langford@...5490...](mailto:Robert.Langford@...5490...) sent on Wed Mar 12 15:50:41 2014 is confidential. It is intended solely for the addressee(s) [geoserver-users@lists.sourceforge.net](mailto:geoserver-users@lists.sourceforge.net)<br>
<br><br>
<br>Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful.<br>
<br>As a public body, Salford City Council may be required to disclose this email [or any response to it] under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act. <br>
<br>Please immediately contact the sender, [Robert.Langford@...5490...](mailto:Robert.Langford@...5490...) if you have received this message in error. <br>
<br><br>
<br>For the full disclaimer please access [http://www.salford.gov.uk/e-mail](http://www.salford.gov.uk/e-mail). Thank you.<br>
|
<br>DISCLAIMER: The information contained in this communication/message from Robert.Langford@...5490... sent on Thu Mar 20 11:00:49 2014 is confidential. It is intended solely for the addressee(s) geoserver-users@lists.sourceforge.net<br><br>Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful.<br>As a public body, Salford City Council may be required to disclose this email [or any response to it] under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act. <br>Please immediately contact the sender, Robert.Langford@...5490... if you have received this message in error. <br><br>For the full disclaimer please access http://www.salford.gov.uk/e-mail. Thank you.<br>
|