Geographic Information Systems Asked by CaptDragon on February 19, 2021
I am trying to implement row level security with GeoServer. I know out of the box it supports service, layer and REST security and not row level. However, I am sure there must be a workaround.
Has anyone successfully implemented it?
Not that I know of... i imagine this would be something that does not really classify as "workaround", but full on feature development :)
It is possible with geoserver to plug in your own security manager (ResourceAccessManager) so that could be a good hook into code for implementing this. It was actually just recently redesigned to allow for finer grained security constraints so I imagine it would not be too hard to implement something custom with it.
There is also work going on (via a summer of code project) to improve the configurability of the security subsystem. I am not sure if it involves row level concerns... I suggest asking on the geoserver-devel list for an update.
Correct answer by jdeolive on February 19, 2021
Maybe the GeoShield project can help you out. It's a stand-alone proxy to secure WMS, WFS, WPS and SOS services. The developers also announced that they are working on a GeoServer plugin. Although there's few documentation of the project and I haven't tried it yet, it seems that row level security is possible by using CQL statements like in the following example:
Group: FOO
Server: BAR
Layer: BAZ
Permission: COLOR='RED' AND BBOX(the_geom,707724,82464,732146,113847))
Description: users that belong to the group FOO can view the layer BAZ on server BAR
but only the features inside the given BBOX that have an attribute color equals
to red.
Answered by Daniel Calliess on February 19, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP