I wonder if control flow could manage to stop the flow for a specific output format :)
On Wed, Jun 28, 2023 at 9:33 AM Andrea Aime < andrea.a...@geosolutionsgroup.com> wrote: > On Wed, Jun 28, 2023 at 7:55 AM Carsten Klein <c.kl...@datagis.com> wrote: > >> And also, that's not the point. The problem is, that those company's >> security officers *can see* this obvious "security hole" and focus on >> that. Since they also have no ideas about WMS they just don't see that >> removing anonymous access to Layer Preview is no real solution (and its a >> long hard way to make them see...). So, they keep insisting on removing it. >> Don't you experience the same in your businesses? A company's security >> requests often are far from rational but paranoid :) >> > > We normally don't do "security by obscurity", at least not by choice, > closing the main door, but leaving the back window open. > If you enable WFS only to some users, they can also download KML from it, > but it will be without any styling, just data, unlike the KML you could get > from WMS. > > I don't believe a solution exists to block a specific output format for > only certain users, but if I had to do it, I'd extend GeoFence > to handle that case as well. > > Regards, > > Andrea Aime > > == > GeoServer Professional Services from the experts! > > Visit http://bit.ly/gs-services-us for more information. > == > > Ing. Andrea Aime > @geowolf > Technical Lead > > GeoSolutions Group > phone: +39 0584 962313 > > fax: +39 0584 1660272 > > mob: +39 339 8844549 > > https://www.geosolutionsgroup.com/ > > http://twitter.com/geosolutions_it > > ------------------------------------------------------- > > Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE > 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si > precisa che ogni circostanza inerente alla presente email (il suo > contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è > riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il > messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra > operazione è illecita. Le sarei comunque grato se potesse darmene notizia. > > This email is intended only for the person or entity to which it is > addressed and may contain information that is privileged, confidential or > otherwise protected from disclosure. We remind that - as provided by > European Regulation 2016/679 “GDPR” - copying, dissemination or use of this > e-mail or the information herein by anyone other than the intended > recipient is prohibited. If you have received this email by mistake, please > notify us immediately by telephone or e-mail > -- -- Jody Garnett
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
