But surely in that scenario, anyone can still spoof the traffic to the WMS
using a web-browser or whatever they wanted to? We have a reverse proxy on
our system - anyone can make requests to it to get our data and it
diligently forwards them onto the GeoServer.
I think it's impossible to stop accessing of the WMS unless some sort of
wrapper is created around the OpenLayers application that encodes
everything, and there's a decoding script on the server. To stop a
stand-alone WMS it wouldn't even need to be good encoding. But even that
wouldn't stop someone dedicated - they could just look at the OpenLayers
wrapper and reverse engineer it.
Jonathan
On 25 August 2013 22:52, Phil Scadden <[email protected]> wrote:
> I've thought about this (to protect WFS services which would allow a
> user far greater access to your data). You have the geoserver in
> protected space. In your public space, you have a your
> password-protected web application. Your "WMS" service points to this
> application with a dummy name. The application (a proxy) decodes the
> request and passes it to geoserver, then echoes the response back to the
> caller. There isnt anyway for the client to determine the machine
> address of the geoserver without hacking your web server. Come to think
> of it, I have a SOLR server set up this way - it filters SOLR search
> requests before handing them to SOLR while the server itself is not
> externally accessible. Unfortunately, I am not clear on how IT set this
> up as far as firewall setting etc but the proxy was pretty simple.
>
> Notice: This email and any attachments are confidential.
> If received in error please destroy and immediately notify us.
> Do not copy or disclose the contents.
>
>
>
> ------------------------------------------------------------------------------
> Introducing Performance Central, a new site from SourceForge and
> AppDynamics. Performance Central is your source for news, insights,
> analysis and resources for efficient Application Performance Management.
> Visit us today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
> _______________________________________________
> Geoserver-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
--
This transmission is intended for the named addressee(s) only and may
contain sensitive or protectively marked material up to RESTRICTED and
should be handled accordingly. Unless you are the named addressee (or
authorised to receive it for the addressee) you may not copy or use it, or
disclose it to anyone else. If you have received this transmission in error
please notify the sender immediately. All email traffic sent to or from us,
including without limitation all GCSX traffic, may be subject to recording
and/or monitoring in accordance with relevant legislation.
------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
