Hi Paul, my case is not really what is in the discussion.
I have un-controlled number of users sending request for different layers
(over 1000 layers and growing). Each user has an AuthKey (Based on the
AuthKey Module). The Authkey is queried from the Database per user and
added to the WMS request URL for Authorization. ALl this is dynamic and I
don't have the luxary of setting the authkey property in the
geowebcache.xml.
In fact for my case I can't even set the layers one by one in the
geowebcache.xml, I have used WMS getCapabilities in the
Geowebcache-core-context.xml to load all the WMS layers at once.
My desired solution would be how to parse the Authkey to the final request
URL sent to geoserver by the GWc request to check data security and
restrict access to layers and the already seeded tiles.
For quick turnaround for my application I'm now doing an Authentication +
Authorization Service in front of GWC and I'm also removing all the Data
Security Rules in the Geoservers. This way the Authorization will now be
checked even before the request hits GWC without depending on Geoserver
Subsecurity System.
Of course I'm interested to know of other approaches to achieve this
without writing other software. Or, any one offer me advice on tuning
Embedded GWC on multiple Geoservers to perform as efficient and fast as
Standalone GWC.
Kind regards,
Steve Omondi
On Tue, Nov 7, 2017 at 3:00 PM, Paul Wittle <p.wit...@dorsetcc.gov.uk>
wrote:
> Hi,
>
>
>
> Is the option referenced in this message thread not related to passing
> credentials with the requests?
>
>
>
> http://osgeo-org.1560.x6.nabble.com/How-can-I-
> configure-user-name-password-in-geowebcache-xml-for-
> wmslayers-td5023835.html
>
>
>
> I was trying to use the same settings unsuccessfully but I don’t know why
> I thought something had moved on; perhaps not.
>
>
>
> Cheers,
>
> Paul
> "This e-mail is intended for the named addressee(s) only and may contain
> information about individuals or other sensitive information and should be
> handled accordingly. Unless you are the named addressee (or authorised to
> receive it for the addressee) you may not copy or use it, or disclose it to
> anyone else. If you have received this email in error, kindly disregard the
> content of the message and notify the sender immediately. Please be aware
> that all email may be subject to recording and/or monitoring in accordance
> with relevant legislation."
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Geoserver-users mailing list
Please make sure you read the following two resources before posting to this
list:
- Earning your support instead of buying it, but Ian Turton:
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines:
http://geoserver.org/comm/userlist-guidelines.html
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
