Hi Jody, hi Andrea
thanks for these ideas. Solution b) sounds quite reasonable. On the
other side, there are (authenticated) users that actually need KML from
time to time.
This is an interesting challenge as geoserver really wishes to share
your information :)
That's correct. However, in business environments you always need to
define with whom to share your data.
One of our customers, which operates a gas network, has a new security
officer (I don't like stories beginning like that...). Since they don't
want to find their network on Google Earth, they try to prevent their
employees from accessing vector data in such a simple way (the server's
not accessible from the Internet). Raster to vector processing is not in
focus here as it's not considered "simple access" (at least the security
officers may not even know that such "magic" is possible).
AFAIK, there are some more companies around here that are facing the
same problem.
@Andrea Yes, actually building a WMS request is simple, if you've ever
heard of WMS. However, the users in focus are actually NOT related to
GIS and OGC, so they will not be able to assemble a WMS request.
And also, that's not the point. The problem is that those companies'
security officers /can see/ this obvious "security hole" and focus on
that. Since they also have no idea about WMS, they just don't see that
removing anonymous access to Layer Preview is no real solution (and it's
a long hard way to make them see...). So, they keep insisting on
removing it. Don't you experience the same in your businesses? A
company's security requests often are far from rational but paranoid :)
Boiling this down, anonymous access to vector data with two simple
clicks is often considered too easy. It's about to make it a little more
difficult to get the data if you actually shouldn't have access.
Security is always the question of how much an attacker is willing to
invest in order to (e.g.) steal something. You don't always need a Fort
Knox but also shouldn't leave the front door open all the time.
Wouldn't it be simple enough to implement that through an environment
variable or a context property GUI_ENABLE_ANONYMOUS_READ_ACCESS (or
likewise)? If I had more knowledge of Wicket (and time), I could provide
a simple patch. Looking into the code, in GeoServerBasePage.java:281,
you filterByAuth() the MenuPageInfo-typed beans to create the left side
menu. Seems like you just need to override method getPageAuthorizer() in
MapPreviewPage.java:
    @Override
    protected ComponentAuthorizer getPageAuthorizer() {
        // allow anonymous access only when the new flag is set, otherwise require login
        return isGUIEnableAnonymousReadAccess() ? ComponentAuthorizer.ALLOW
                                                : ComponentAuthorizer.AUTHENTICATED;
    }
Don't laugh, it's just an idea... I'm not in Wicket :)
Carsten
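As an added illustration of the override sketched in the message above (example code written here, not taken from the thread or from GeoServer), here is what a reusable authorizer for the Layer Preview page could look like. ComponentAuthorizer, its ALLOW/AUTHENTICATED constants and GeoServerExtensions.getProperty are existing GeoServer API; the class name, the package placement and the GUI_ENABLE_ANONYMOUS_READ_ACCESS property and its default are assumptions.

```java
package org.geoserver.web.demo; // assumption: the package MapPreviewPage lives in

import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.web.ComponentAuthorizer;
import org.springframework.security.core.Authentication;

/**
 * Hypothetical authorizer for the Layer Preview page. GeoServerBasePage builds the
 * left-hand menu from MenuPageInfo beans filtered by each page's authorizer, so
 * returning this from MapPreviewPage.getPageAuthorizer() both hides the menu link
 * and blocks direct navigation to the page for anonymous sessions.
 *
 * Note: this only affects the web UI. The WMS/KML endpoint itself is still governed
 * by the service and layer security rules, which must be configured separately.
 */
public class AnonymousPreviewAuthorizer implements ComponentAuthorizer {

    /** Property name proposed in the thread (assumption: not an existing GeoServer setting). */
    static final String PROPERTY = "GUI_ENABLE_ANONYMOUS_READ_ACCESS";

    /**
     * GeoServerExtensions.getProperty resolves the name as a system property, an
     * environment variable or a servlet context parameter, so a deployer can set it
     * without rebuilding the WAR. Assumed semantics: unset keeps today's behaviour
     * (anonymous allowed); only an explicit "false" restricts the page to logged-in users.
     */
    static boolean isAnonymousReadAccessEnabled() {
        String value = GeoServerExtensions.getProperty(PROPERTY);
        return value == null || !value.trim().equalsIgnoreCase("false");
    }

    @Override
    public boolean isAccessAllowed(Class<?> componentClass, Authentication authentication) {
        // Delegate to GeoServer's own authorizers so "authenticated" keeps its usual
        // meaning (a real login, not the anonymous authentication token).
        ComponentAuthorizer delegate = isAnonymousReadAccessEnabled()
                ? ComponentAuthorizer.ALLOW
                : ComponentAuthorizer.AUTHENTICATED;
        return delegate.isAccessAllowed(componentClass, authentication);
    }
}
```

MapPreviewPage.getPageAuthorizer() would then simply return new AnonymousPreviewAuthorizer() instead of the inline ternary, and the same class could be reused by any other page that hands out vector data.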
On 27.06.2023 at 15:40, Jody Garnett wrote:
This is an interesting challenge as geoserver really wishes to share
your information :)
a) You can make a layer group opaque to contain your layer and just use
it to draw, and then it is not listed anywhere (see no evil). But if
you wish to provide authenticated access to WFS then this will be a
little too hidden.
b) You can add your WFS authentication, and then for WMS ... disable
GetFeatureInfo KML, PDF, SVG and any other WMS output format you
consider sufficiently detailed 🙂 You best lock down WMS
GetFeatureInfo access as well, as that can provide GML.
c) You could set up an internal GeoServer for those authenticated
users, and a more public WMS only GeoServer for sharing the imagery.
Use cascading WMS to have a separation.
If you really need to "handle critical data" and only provide a
visual ... you may not wish to be publishing at all? There are raster
to vector processing chains around after all and WMS provides ad hoc
zoom to allow edge detection with great detail.
--
Jody Garnett
On Jun 27, 2023 at 3:12:12 PM, Carsten Klein <c.kl...@datagis.com> wrote:
Hi Jody,
thanks for answering. Do you know any other way to do what I'm
needing? Removing Web UI completely is not really convenient...
It's about not providing users access to download data as vectors.
That is required if GeoServer hosts unfree or even critical data.
I could allow WFS requests for ROLE_AUTHENTICATED only. I could even
deal with that in my client application (which is capable of
authenticating for WFS requests). But I actually do not want to add
security (authentication requirements) for WMS requests (getting just
dumb images is not a problem).
However, there's one exception: KML. Although it is a WMS format (and
so, it is not protected by any WFS service security rule), KML is
actually a vector format, as it contains real WGS84 coordinates
(maybe other WMS formats do as well). Even worse for critical data
(think of line features describing the Nord Stream pipelines blown up
recently), KML can easily be imported into and publicly published by
Google Earth. Even non-GIS related users can do this in minutes.
So, Layer Preview may be a "simple to exploit" security hole when
dealing with critical data. In order to prevent it, one has to secure
all data and/or all services. The latter is uncommon (or at least
uncomfortable) for WMS using raster formats like PNG or JPEG.
What about a new option to disable Layer Preview for anonymous
access? Or, as an alternative, a new boolean layer property (like
"enabled" or "advertised") named "show in preview" (defaulting to true)?
Carsten
On 27.06.2023 at 13:53, Jody Garnett wrote:
There is an option to turn the entire geoserver admin console off in
the documentation:
https://docs.geoserver.org/latest/en/user/production/config.html#disable-the-geoserver-web-administration-interface
I am not sure if I have heard of an option to turn off just the
layer preview before.
--
Jody Garnett
On Jun 27, 2023 at 1:00:51 PM, Carsten Klein <c.kl...@datagis.com>
wrote:
Hi there,
some years ago, I found a quite simple mechanism to remove the "Layer
Preview" link from GeoServer's start page, BEFORE being logged on.
Currently, I can no longer find this mechanism, nor any documentation
about it.
Any suggestions turned up by a Google search just mention removing read
access through Security settings (Layer Security or Service Security).
However, I just want to provide access to the Layer Preview for a
logged-on user. I don't want to add authentication requirements to
layers or services (if a user manages to assemble a WFS request
manually, he/she shall get that data... will never happen *lol*).
I believe there was a rather simple trick to let the Layer Preview menu
link not show up before a user has logged in to the Web
administration interface. Is it still there in a recent version (e.g.
2.22.x), and how do I enable it?
Many thanks in advance,
Carsten
_______________________________________________
Geoserver-users mailing list
Please make sure you read the following two resources before
posting to this list:
- Earning your support instead of buying it, by Ian Turton:
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines:
http://geoserver.org/comm/userlist-guidelines.html
If you want to request a feature or an improvement, also see this:
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users