Thank you, that makes sense.
I've been looking deeper into our use case, and it turns out everything
wanted can be done by filtering based on attributes on the feature.
So I would write a class that implements ResourceAccessManager and
override getAccessLimits
(I think the DataAccessLimits version). It would call the web service to
get the attribute names and values to filter with. It would then filter
out any entries that don't match.
Does that sound right? Is there some easier way to do that?
Thanks again for your help,
Ron
On Wed, Jul 2, 2014 at 12:46 PM, Andrea Aime <[email protected]>
wrote:
> On Wed, Jul 2, 2014 at 6:55 PM, Ron Romero <[email protected]>
> wrote:
>
>> I'm trying to set up fine-grained security with Geoserver, but I can't
>> find a hook to intercept the request and modify it based on the users
>> permission. For example, we sell access at the state or county level. I
>> want to request a WMS layer, and have Geoserver only return features in the
>> state or county I've purchased. I've got an entitlements server that gives
>> the state or county names that the user can access. I just need to modify
>> the query or results to narrow to that region.
>>
>> Is this possible with Geoserver's security? Has anyone tried doing this?
>>
>
> We do this a lot with GeoFence (
> https://github.com/geosolutions-it/geofence).
> You can do the same with your security backend by implementing a custom
> ResourceAccessManager and plug it in
> (e.g. declare it as a spring bean).
>
> I guess you can use the GeoFence own resource access manager
> implementation as a template to implement yours:
>
> https://github.com/geosolutions-it/geofence/blob/master/src/geoserver/security/src/main/java/it/geosolutions/geofence/GeofenceAccessManager.java
>
> Cheers
> Andrea
>
> --
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/NWWaa2 for more information.
> ==
>
> Ing. Andrea Aime
> @geowolf
> Technical Lead
>
> GeoSolutions S.A.S.
> Via Poggio alle Viti 1187
> 55054 Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax: +39 0584 1660272
> mob: +39 339 8844549
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
--
Ron Romero
Sr. Software Architect
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
