Hi, I found some inconsistencies when setting up a security for single layers.
What I want is, for a specific role and workspace, to set up something like: "Hide/restrict access to all layers except of..." With a simple set up for the "topp" workspace it would look like this: *.*.r=* *.*.w=* topp.*.r=ADMIN,GROUP_ADMIN topp.states.r=TEST mode=HIDE A GetCapabilities request (and also the layer preview in the browser) for a TEST-user looks like what I'd expect: he sees only the topp.states layer from the topp workspace. But the access to it is still restricted, giving me a 404:resource not available. Now, setting the mode=CHALLENGE, I can access topp.states. But this workaround isn't what I want because it exposes all the layers to a getCapabilities request. Do I misunderstood the security concept or is this a wrong behaviour of Geoserver? Best Regards Dominik -- Dominik Gärner GRINTEC GmbH Anzengrubergasse 6, 8010 Graz, Austria Tel: +43(316)383706-0 mailto:[email protected] http://www.grintec.com FN 47845k Handelsgericht Graz
------------------------------------------------------------------------------
_______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
