Hi Sachin
Since 2.3.x there is a CAS extensions which should meet your requirements.
Did you test it ?.
Cheers
Christian
2013/4/25 Jonathan Moules <[email protected]>
> At that point I'd expect your restrictions should be within the webserver.
> Jetty/Tomcat (whichever you're using) are where you specify what port it
> listens on and security certificates etc.
>
> Jonathan
>
>
>
>
> On 25 April 2013 15:14, Sachin Hirve <[email protected]> wrote:
>
>> @Jonathan and Stefano,, Thank you for your replies.
>>
>> I understand that a user may go around my wrapper to request the URL from
>> geoserver, but my next step was to restrict this situation. I am also
>> looking for mechanisms where geoserver may be tied to a particular
>> port/secure channel (may be certificates), in that case possible "go
>> around" can be blocked.
>>
>> Let me know if you have suggestions.
>>
>> Thanks
>> Sachin
>>
>> PS: I was earlier trying to modify the authentication mechanism of
>> geoserver to suit my requirements (CAS), but it seemed to be too involving
>> process.
>>
>>
>>
>> On Thu, Apr 25, 2013 at 4:59 AM, Jonathan Moules <
>> [email protected]> wrote:
>>
>>> Hi Sachin,
>>> Maybe I'm not understanding your requirements correctly, but GeoServer's
>>> Layer Preview just uses WMS and WFS requests. You can easily duplicate it
>>> yourself using OpenLayers - http://openlayers.org/dev/examples/.
>>> Restricting user's access can be done by the web-app but logically
>>> should be done within GeoServer itself (otherwise someone knowing what
>>> they're doing could simply make the request directly to GeoServer, going
>>> around your "wrapper").
>>>
>>> Jonathan
>>>
>>>
>>>
>>> On 25 April 2013 06:36, Sachin Hirve <[email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> As far as I know, with current geoserver version, it is possible to
>>>> preview a layer without logging-in, but by directly entering a URL (with
>>>> service, layer and co-ordinates information) in the browser.
>>>>
>>>> I am wondering if it is possible to create a web-app wrapper around
>>>> geoserver, which would allow user to request to view a layer by specifying
>>>> complete URL (as described above)? I am only trying to introduce this web
>>>> interface between geoserver and user, so that I can introduce my own choice
>>>> of authentication to restrict even read requests (layer preview) for
>>>> authenticated users, while making minimum possible changes in geoserver.
>>>>
>>>> Please let me know if you have any suggestions/information about the
>>>> possible steps. Your help is highly appreciated.
>>>>
>>>> Thanks
>>>> Sachin
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Try New Relic Now & We'll Send You this Cool Shirt
>>>> New Relic is the only SaaS-based application performance monitoring
>>>> service
>>>> that delivers powerful full stack analytics. Optimize and monitor your
>>>> browser, app, & servers with just a few lines of code. Try New Relic
>>>> and get this awesome Nerd Life shirt!
>>>> http://p.sf.net/sfu/newrelic_d2d_apr
>>>> ____________ _________________________ __________
>>>> Geoserver-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>>>>
>>>>
>>>
>>>
>>> This transmission is intended for the named addressee(s) only and may
>>> contain sensitive or protectively marked material up to RESTRICTED and
>>> should be handled accordingly. Unless you are the named addressee (or
>>> authorised to receive it for the addressee) you may not copy or use it, or
>>> disclose it to anyone else. If you have received this transmission in error
>>> please notify the sender immediately. All email traffic sent to or from us,
>>> including without limitation all GCSX traffic, may be subject to recording
>>> and/or monitoring in accordance with relevant legislation.
>>>
>>
>>
>
>
> This transmission is intended for the named addressee(s) only and may
> contain sensitive or protectively marked material up to RESTRICTED and
> should be handled accordingly. Unless you are the named addressee (or
> authorised to receive it for the addressee) you may not copy or use it, or
> disclose it to anyone else. If you have received this transmission in error
> please notify the sender immediately. All email traffic sent to or from us,
> including without limitation all GCSX traffic, may be subject to recording
> and/or monitoring in accordance with relevant legislation.
>
>
> ------------------------------------------------------------------------------
> Try New Relic Now & We'll Send You this Cool Shirt
> New Relic is the only SaaS-based application performance monitoring service
> that delivers powerful full stack analytics. Optimize and monitor your
> browser, app, & servers with just a few lines of code. Try New Relic
> and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
> _______________________________________________
> Geoserver-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
