On Fri, Jul 25, 2014 at 11:37 AM, Mauro Bartolomeoli <
[email protected]> wrote:
> Hi,
> recently I was thinking about what the following sentence should mean:
> "OGC services are supposed to be stateless".
>
> In my opinion, from the security point of view, it means that OGC services
> should completely ignore an eventual security context saved into the user
> session by other Geoserver requests (for example those created by logging
> into the web UI).
>
Personally I find it rather handy to have the web gui login work for
subsequent OGC requests from the same browser too.
But I agree there should be a way to avoid that in case the admin wants to
Cheers
Andrea
--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.
==
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
