wms Layer authentication: How?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

wms Layer authentication: How?


I have certain layers in my getCapabilities document which I would like to protect because they contain sensitive information. I would like to serve the layers at all scales to trusted people in an openlayers map and restrict the layer to a certain scale (using sld max-scale-denominator) for others. 

If I make the layer "not published",but then embed the layer in an openlayers map, then I can still look in the source code, find the layer url and layer name, and add this to the wfs getfeature url for the layer thus downloading the geometries and data.

I would ideally like to password protect the layer from within the application (I don´t want the user to have to know another password to access the layer)  but don´t know how this would work. I have read about the http basic authentication but don´t really know how to implement it.

Is this type of security available in geoserver?

Is anyone able to advise?



Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
Geoserver-users mailing list
[hidden email]
Yours with thanks, Robert Buckley System: Linux Ubuntu 10.04 Server / Tomcat6 / Geoserver 2.1.2 / GeoWebCache 1.2.6)