Hi everyone, thanks for the replies!
It looks like GeoFence has the functionality we need, we didn't see that
one yet.
We're probably going to generate GeoFence rules with the GeoFence REST
API which will probably make the system more maintainable.
Greetings,
Robin
Op 27/05/16 om 18:22 schreef Stefano Costa:
Hi Robin,
did you have a look at the GeoFence project?
https://github.com/geoserver/geofence/wiki/Main-concepts
With GeoFence, you could setup one access rule for each partner with a
CQL filter like "partner_id = 100" and apply it to any restricted
layer you have (supposing they all have a "partner_id" column).
Hope this helps.
On Wed, May 18, 2016 at 3:25 PM, Robin Kossi
<[email protected] <mailto:[email protected]>> wrote:
Hello,
We're using GeoServer for a GIS project where a lot of different
partners input data in our system though a web client.
We have public layers available with limited data, but partners
should be able to get 'private' layers which contain all of their
data.
Partners should not be able to view the private data of other
partners under any circumstance.
Every partner will have an account on GeoServer.
The 'private' layer for a partner would be an sql view containing
information of every partner with a filter on partner id.
We could create a private layer for every partner containing only
the information they have access to, but because we're working
with over 200 partners this could be quite cumbersome because we'd
have to create over 200 separate layers and link each layer to the
correct single account.
The only difference between these layers would be the partner id.
It's possible in GeoServer to add CQL filters to a layer, but as
far as we could see it's only possible to append the actual filter
id to the request URL which would enable partners to change the
filter id to get data from other partners.
We noticed it's possible to add properties to a user account. Is
it possible to create a CQL filter which reads a property from the
current user account?
This would enable us to create one 'private layer' and allow for
each account to use the same layer but only see the information
associated with their account without being able to alter the filter.
If that's not possible, what would be the recommended way to
implement this use case?
Thanks in advance,
Robin K.
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition
of MDM
restrictions. Mobile Device Manager Plus allows you to control
only the
apps on BYO-devices by containerizing them, leaving personal data
untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
Best regards, Stefano Costa == GeoServer Professional Services from
the experts! Visit http://goo.gl/it488V for more information. == Dott.
Stefano Costa Senior Software Engineer GeoSolutions S.A.S. Via di
Montramito 3/A55054 Massarosa (LU) Italy phone: +39 0584 962313 fax:
+39 0584 1660272 http://www.geo-solutions.it
http://twitter.com/geosolutions_it
------------------------------------------------------- AVVERTENZE AI
SENSI DEL D.Lgs. 196/2003 Le informazioni contenute in questo
messaggio di posta elettronica e/o nel/i file/s allegato/i sono da
considerarsi strettamente riservate. Il loro utilizzo è consentito
esclusivamente al destinatario del messaggio, per le finalità indicate
nel messaggio stesso. Qualora riceviate questo messaggio senza esserne
il destinatario, Vi preghiamo cortesemente di darcene notizia via
e-mail e di procedere alla distruzione del messaggio stesso,
cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo,
od utilizzarlo per finalità diverse, costituisce comportamento
contrario ai principi dettati dal D.Lgs. 196/2003. The information in
this message and/or attachments, is intended solely for the attention
and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data
Protection Code).Any use not in accord with its purpose, any
disclosure, reproduction, copying, distribution, or either
dissemination, either whole or partial, is strictly forbidden except
previous formal approval of the named addressee(s). If you are not the
intended recipient, please contact immediately the sender by
telephone, fax or e-mail and delete the information in this message
that has been received in error. The sender does not give any warranty
or accept liability as the content, accuracy or completeness of sent
messages and accepts no responsibility for changes made after they
were sent or for other risks which arise as a result of e-mail
transmission, viruses, etc.
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
