Hi Gilles Geoserver has its on security system (based on acegi security) and there is no easy way to use another authentication plugin. But this is what you need if you want to authenticate against Active Directory.
Possibility one: Do not use geoserver security at all and use tomcat j2ee security. I assume tomcat is able to authenticate against Active Directory. The drawback is that you have access control based only on url patterns conforming to j2ee. Possibility two. You invest some time for a acegi authentication plugin and modify geoserver source code. I would not recommend that. Possibility three. GSIP54 will offer the architecture you need. At the moment I am working on replacing acegi security with the spring security 2.0 After that I will work on authentication plugins. Geoserver will offer possibilities as described here. http://maniezhilan.blogspot.com/2008/10/spring-security-204-with-active.html Since I am not a full time geoserver developer I cannot give you an exact time line, but I hope to get this into 2.1.x series. Cheers Christian Quoting Gilles Bassière <[email protected]>: > Hi GeoServer users, > > I have a GeoServer instance which lives within TomCat on a Windows > system, Apache is also here as an HTTP front-end. The whole thing is > configured according to the wiki [1]. GeoServer is from 1.7.x series but > should be updated to current stable, TomCat version is 5.5. > > I've been asked to configure the GeoServer security subsystem on this > instance. I've read the documentation [2] and I should be fine with > services.properties and layers.properties. But I'd like to be able to > re-use users and roles definition from an Active Directory instance. If > I understand this thread [3], it seems possible to delegate user > authentication to TomCat. Before going further, I'm seeking a > confirmation that I'll be able to define permissions at Acegi-level for > users authenticated at container-level. > > Besides, I've read that Acegi will eventually be replaced by Spring > Security. The GSIP 54 is said to be scheduled for release 2.1.O but is > not mentionned in beta1 changelog. Should I expect important changes > regarding GeoServer security features in the near future? > > [1] : http://geoserver.org/display/GEOSDOC/Apache+HTTP+Server > [2] : http://docs.geoserver.org/stable/en/user/security/ > [3] : > http://old.nabble.com/Problem-with-Authentication-to-%22GeoServer-Realm%22-td13901464.html > > Best regards > -- > Gilles Bassière - MAKINA CORPUS > http://www.makina-corpus.com > > ------------------------------------------------------------------------------ > Achieve Improved Network Security with IP and DNS Reputation. > Defend against bad network traffic, including botnets, malware, > phishing sites, and compromised hosts - saving your company time, > money, and embarrassment. Learn More! > http://p.sf.net/sfu/hpdev2dev-nov > _______________________________________________ > Geoserver-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/geoserver-users > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book "Blueprint to a Billion" shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
