Keith, thank you for your response, I think this is slightly becoming offtopic, I will take this offlist with you but in short, that's not how GeoServer works (or mainly GIS when displaying things publicly) for something to be displayed to you, it needs to make it available, and if it's available it can be downloaded with codes/programs that allow you to, we are preventing this by forcing users to log in that way someone can't simply launch a script and get all of the data available in our platform (or if they do, we would notice, know who and stop it via rate-limits). I am neither a security nor GIS expert, I am relying on what I was told/advised.
On Sun, Aug 4, 2019 at 1:06 PM Keith Medcalf <kmedc...@dessus.com> wrote: > > On Sunday, 4 August, 2019 12:20, Mehmet Akcin <meh...@akcin.net> wrote: > > >I understand and share your frustration about forcing account > >registration. We had no other way but to implement this as constantly > >we had sources trying to download our data by examining our code. By > >having access controls we were able to stop that. My team had > >recommended user data controls after reviewing Geoserver, mapbox > >requirements, if you know any other way please feel free to > >recommend. > > You permit anyone to view the code running on your web server? Do you > permit them to modify it too? > Nevertheless, just deny code viewing permission on your web server and > only serve output of executing that code. > Quite simple. And no one can steal your code (unless you let them into > the room containing the web server). > > -- > The fact that there's a Highway to Hell but only a Stairway to Heaven says > a lot about anticipated traffic volume. > > > > >
