$webwork.htmlEncode($page.space.name) : 5 Security subsystem
This page last changed on Dec 18, 2007 by aaime.
Configuring the security subsystemStarting with GeoServer 1.6.0 the GeoServer security subsystem has been improved by integrating Acegi, a library that allows for taking care or various security issues in web applications. The library itself is very powerful, thought due to development time constraints we're using just a few of its functionalities. The current version of the security subsystem uses two plain text property files located in the GeoServer data directory to configure users and access permissions. The first file, GEOSERVER_DATA_DIR/security/user.properties, defines users, their password, and their roles. An example follows: admin=geoserver,ROLE_ADMINISTRATOR wfst=wfst,ROLE_WFS_READ,ROLE_WFS_WRITE wfs=wfs,ROLE_WFS_READ Passwords are kept clear text because there is no utility to edit the file that could handle password encription transparently, yet Acegi allows for using different password encrypters easily (so stay tuned for a version of Geoserver with UI editing and password encryption). The second file, GEOSERVER_DATA_DIR/security/services.properties, states which services are secured, and which roles the user must have in order to access them. For example: wfs.GetFeature=ROLE_WFS_READ wfs.Transaction=ROLE_WFS_WRITE Service security configuration requires a service.method or simply a service key, and a list of roles that can access that service or method. A user having at least one of those roles will be able to call that method. When invoking an service method, the dispatcher will check if there is any service.method role configuration, if none is found, a service configuration will be looked up, and if again none is found, the service will be assumed to be non secured so no password is required. Accessing secured servicesThe web console is accessed by means of a form based authentication, with optional remember-me cookie setting.
To allow for authorization quick tests, the "sample request" page now provides (optional) username and password fields that will be turned into a HTTP BASIC authentication header. Disabling the security subsystemIf you are already using an external security subsystem it might conflict with the GeoServer one. The only option at the moment is to disable completely the GeoServer one and rely only on the external one. To disable GeoServer Acegi integration:
Then redeploy GeoServer, the security subsystem should be completely off, and access to the amin area should be free of password requests. Now your job is to setup whatever external security you have to protect the admin area (hint, the admin area pages are located at http://host:port/geoserver/config/*). |
Document generated by Confluence on Jan 16, 2008 23:27 |