Hi,
I am trying to figure out the security systems within Geoserver.
I have data in Postgis which is served through geoserver in Tomcat6 on Linux
Ubuntu and am trying to get a few things straight. I would be grateful if
anyone could give me any assistance in trying to understand exactly how the
security works and what is being secured. I would like to set up a safe editing
environment using PostGIS, Geoserver and a thick client ( eg. Quantum, or
possibly ArcGIS)
1.Is it true that If I create a connection to a postgis database with a thick
client(eg.Quantum GIS), any security settings in geoserver are
irrelevant...e.g" wfs service level : basic" This would only affect editing
through a thin-client (e.g GeoExt in a browser). This is exactly what I have
experienced anyway.
2. Is it true that the security settings that are set in are only for the
defined Geoserver users, which are then defined by their roles and this
controls what can be done whilst inside the geoserver GUI. For example. If a
user is only supposed to see one Layer and its characteristics in geoserver,
then this would be set to read only for this user. (in this example the
getCapabilties document would show all layers anyway wouldn´t it?)
3. service level security: "wfs.Transaction=ROLE_WFS_WRITE" is an example given
in the geoserver docs. Would this restrict an editing session done through
postgis with a quantum gis client?
I hope these questions are clear enough.
Thanks,
rob
------------------------------------------------------------------------------
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
Learn about the latest advances in developing for the
BlackBerry® mobile platform with sessions, labs & more.
See new tools and technologies. Register for BlackBerry® DevCon today!
http://p.sf.net/sfu/rim-devcon-copy1
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
