Hello all,
Hopefully this isn't a silly question and it is in the right place.
I have tried going through the backend and providing the username and
password, which works but the issue there was that it was very slow.
(backend is Laravel)
Making requests from javascript frontend directly to geo server made it so
much faster (had to make the layers public) and didn't have to provide
credentials. (Openlayers)
source: new ol.source.TileWMS({
url: "url-geoserver",
servertype: "geoserver",
params: {
LAYERS: "layer-example",
TILED: true,
},
}),
By using an authkey but with Browser developer tools everybody can see the
parameter of the requests and reuse the authkey.
This would be fine if the authkey had some kind of expiration data (like
jwt) and I had the ability to create a token in the backend that expires
after some time, and create a new one when that happened.
How does everyone else make this fast and secure? Any suggestions would be
useful.
--
Disclaimer:
The content of this email is confidential and intended for
the recipient specified in message only. It is strictly forbidden to share
any part of this message with any third party, without a written consent of
the sender. If you received this message by mistake, please reply to this
message and follow with its deletion, so that we can ensure such a mistake
does not occur in the future. The security of customers and suppliers as a
priority. Therefore, we have put efforts into ensuring that the message is
error and virus-free. Unfortunately, full security of the email cannot be
ensured as, despite our efforts, the data included in emails could be
infected, intercepted, or corrupted. Therefore, the recipient should check
the email for threats with proper software, as the sender does not accept
liability for any damage inflicted by viewing the content of this email.
No employee has the authority to conclude any binding contract without an
explicit written consent of their supervisor. Therefore, any will to enter
into an agreement must be confirmed by a second manager or director.
Any
quotation contained is sent to compare available offers and does not imply
entering into a legally binding contract.
Please do not print this email
unless it is necessary. Every unprinted email helps the environment.
The
views and opinions included in this email belong to their author and do not
necessarily mirror the views and opinions of the company. Our employees are
obliged not to make any defamatory clauses, infringe, or authorise
infringement of any legal right. Therefore, the company will not take any
liability for such statements included in emails. In case of any damages or
other liabilities arising, employees are fully responsible for the content
of their emails.
_______________________________________________
Geoserver-users mailing list
Please make sure you read the following two resources before posting to this
list:
- Earning your support instead of buying it, but Ian Turton:
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines:
http://geoserver.org/comm/userlist-guidelines.html
If you want to request a feature or an improvement, also see this:
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
