Hi all,
I am currently using Geoserver 1.7.5 and am facing a security configuration issue :
My webservices (mainly WMS and WFS) are intented to be used in our web application and also via GIS tools (ArcMap or so).
I have 2 WFS services, one for non logged in users of our web application and GIS tools users, the public one, and another one which should be accessible only for our logged in users.
As the protected WFS should not be accessible, I setted up per layer security, which works perfectly, but my problem is that my authentified users need to log-in again for geoserver when requesting data on our web site.
I first thought about configuring J2eePreAuthenticatedProcessingFilter for geoserver use acegi security, but Geoserver version of Acegi is not implementing this yet, and I don’t want to rebuild Geoserver.
I then thought about filtering with tomcat realm security, but I have many wfs layers and I couldn’t manage to filter on one particularly.
I read about the suggestion of many geoserver instances but there is only one layer to protect.
Do you have any suggestion on how I can manage this ?
Cheers,
Sylvie
Achetez un nouveau PC et bénéficiez de Windows 7 dès sa sortie ! En savoir plus
Hello,
I wonder if it's possible to get configuration data in order to correctly configure OpenLayers client for a specified map (for instance through the REST GeoServer service).
I think of data like srs, maxResolution, projection, layers... In fact, everything I can see in the source code of the OpenLayers map preview page of GeoServer.
Thanks very much for your help!
Thierry
sylvie fiat ha scritto:
Hi all,
I am currently using Geoserver 1.7.5 and am facing a security configuration issue :
My webservices (mainly WMS and WFS) are intented to be used in our web application and also via GIS tools (ArcMap or so).
I have 2 WFS services, one for non logged in users of our web application and GIS tools users, the public one, and another one which should be accessible only for our logged in users.
As the protected WFS should not be accessible, I setted up per layer security, which works perfectly, but my problem is that my authentified users need to log-in again for geoserver when requesting data on our web site.
I first thought about configuring J2eePreAuthenticatedProcessingFilter for geoserver use acegi security, but Geoserver version of Acegi is not implementing this yet, and I don't want to rebuild Geoserver.
What version of Acegi was that introduced into?
I then thought about filtering with tomcat realm security, but I have many wfs layers and I couldn't manage to filter on one particularly.
I read about the suggestion of many geoserver instances but there is only one layer to protect.
Do you have any suggestion on how I can manage this ?
Did you try force the security mode to "challenge"?
mode=CHALLENGE
http://geoserver.org/display/GEOSDOC/2.6+Security+subsystem
This will make the browser and other common app to provide a auth
prompt the first time the user tries to access the layer.
Is this what you were looking for?
Cheers
Andrea
Well it is possible to get the info from a layer out in xml and json which should have all the necessary information to make the request.
Thinking about this what I think would be really cool is to just have the html format of a layer return the generated openlayers map snippet for it. Sort of how we do for the openlayers wms output format but more bare bones.
Thierry Templier wrote:
Hello,
I wonder if it's possible to get configuration data in order to correctly configure OpenLayers client for a specified map (for instance through the REST GeoServer service).
I think of data like srs, maxResolution, projection, layers... In fact, everything I can see in the source code of the OpenLayers map preview page of GeoServer.
Thanks very much for your help!
Thierry
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.