You are using catalog mode MIXED. AFAIK in this mode all layers are
included in the GetCapibilities answer.
Did you try catalog mode HIDE ?
Cheers
Christian
2013/4/9 Halling, Lene <[email protected]>
> Hello, ****
>
> ** **
>
> I am trying to set up layer security in GeoServer 2.2.4, but am
> encountering some problems.****
>
> I want to set access for 15 external (Internet) users on 30 different
> layers, where user A is to****
>
> have access to layer A1 and A2, user B to access to layer B1 an B2 etc.
> They should not be able to see each ****
>
> other's layers, nor should the general public see any of them. In addition
> there are****
>
> a number of layers that are to be freely accessible to everybody, and a
> couple that are hidden to all except Admin. ****
>
> ** **
>
> All the layers are in the same workspace and the same store.****
>
> ** **
>
> For the time being I am using default role service, basic authentication,
> and have set up a separate****
>
> role for each user.****
>
> ** **
>
> My layers.properties looks like this:****
>
> ** **
>
> #Fri Apr 05 14:45:16 CEST 2013****
>
> *.*.r=*****
>
> *.*.w=ADMIN,GROUP_ADMIN****
>
> mode=MIXED****
>
> FMVA_Natur.sensartA_fl.r=ARolle,GROUP_ADMIN****
>
> FMVA_Natur.sensartB_flt.r=BRolle,GROUP_ADMIN****
>
> FMVA_Natur.sikretlag.r=ADMIN,GROUP_ADMIN****
>
> ** **
>
> What happens is that everything looks perfect when I test using QGIS, both
> from my Intranet and the ****
>
> Internet - user A sees layer A and not B, and vice versa. But testing in
> Gaia 3, ArcGIS or requesting Capabilities in my ****
>
> Firefox browser, the layers are either open to all these users, or
> invisible to everybody. The same thing ****
>
> happens when one of my external users tests for me (with a proprietary,
> Norwegian map program). Both ****
>
> A and B can see either both layers, or none.****
>
> ** **
>
> But logging in these users in the GeoServer Admin interface, they cannot
> even access Layer Preview for their own ****
>
> layers, because access is denied for a couple of others (if I understand
> the log file right). ****
>
> ** **
>
> Have I done something basically wrong in GeoServer? I have experimented a
> bit, but finally followed the ****
>
> procedure described in Iacovella/Youngbloods "Geoserver beginner's Guide".
> (Set up users, groups, roles, ****
>
> and data rules) But I wonder whether I should use different stores or
> workspaces for the different users?****
>
> ** **
>
> Or is it possible that these user programs formulate requests (or
> authentication strings) in different ways, and that ****
>
> GeoServer cannot interpret them, so that requests from Gaia 3 or ArcGis
> come across as anonymous? If so, is ****
>
> there anything I can do about it in GeoServer? I don’t know how to find
> out what the requests really look like. ****
>
> ** **
>
> It is difficult to see what is wrong when different tools give different
> results, so I would really appreciate it if ****
>
> somebody has any suggestions.****
>
> ** **
>
> Best regards,****
>
> * *
>
> *Lene Halling
>
> *****
>
> ** **
>
>
> ------------------------------------------------------------------------------
> Precog is a next-generation analytics platform capable of advanced
> analytics on semi-structured data. The platform includes APIs for building
> apps and a phenomenal toolset for data science. Developers can use
> our toolset for easy data analysis & visualization. Get a free account!
> http://www2.precog.com/precogplatform/slashdotnewsletter
> _______________________________________________
> Geoserver-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
