Advanced Security
With GeoServer
Ing. Mauro Bartolomeoli
Ing. Emanuele Tajariol
Ing. Simone Giannecchini
GeoSolutions
GeoSolutions
• Founded in Italy in late 2006
• Expertise
  • Image Processing, GeoSpatial Data Fusion
  • Java, Java Enterprise, C++, Python
  • JPEG2000, JPIP, Advanced 2D visualization
• Supporting/Developing FOSS4G projects
  • GeoServer, MapStore
  • GeoNetwork, GeoNode, Ckan
• Clients
  • Public Agencies
  • Private Companies
• http://www.geo-solutions.it
FOSS4G 2015, Seoul
14th-19th September 2015
Overview
• GeoServer security handles
  • Authentication (filtering and credential checks)
  • Authorization (resource access managers)
Authentication
The filter chains
• Different chains for different URL groups
• Each chain authenticates in a different way by composing different filters
  • UI chain, with form, HTTP session (creation allowed), and remember me services
  • OGC chain, lighter: uses the session if one is available, never creates one
Different usage, different chain
Available auth filters
• Gathering user credentials (and possibly invoking the authentication providers chain)
  • Basic
  • Form
  • Digest
  • Anonymous (always the last)
• Preauthentication (and possibly loading user details from the user/group and/or role service)
  • Session
  • HTTP Header
  • X.509
  • Remember Me
  • J2EE
• Easy to implement and plug in new filters
• Missing: authenticate from environment variables (e.g. Shibboleth SSO)
Authentication providers
• Given credentials pulled from the filters, who is the user?
[Diagram labels: Authentication providers: Search in user/group database; Auth as an LDAP user; Auth as a DBMS user. User/Group service: XML; DBMS tables. Pluggable.]
Role providers
• Given the user, what are her roles in GeoServer?
• Fundamental, authorization is role based
• Extensible, new providers can be built
[Diagram labels: LDAP, DBMS, XML, DBMS tables]
Extensions
• CAS (https://www.apereo.org/cas): Single Sign On integration
• Authkey: simple UUID to user mapper
  • Simple key in the URL (must use HTTPS)
  • Allows authentication-unaware clients to participate
  • Pluggable: possibility to define custom mappers (e.g. webservices)
  • URLMangler to add authkey to OGC requests transparently (via GetCapabilities)
Authorization
Authorization
• Given the user and her roles
• Can the current «action» on the current «resource» be allowed?
• Action:
  • Generic read/write
  • Specific OGC service/method call
• Resource:
  • Workspace
  • Layer
  • Layer Group
  • Style
ResourceAccessManager
• Pluggable interface, multiple implementations
• Define AccessLimits for the various Catalog Resources (Workspace, Layer, Style, LayerGroup)
• Can access the current request (service/method/details)
• Allows for fine grained limits
  • Attributes visible
  • Read filters (which features can be read)
  • Write filters (which features can be written)
• Filters:
  • Alphanumeric
  • Temporal
  • Spatial
Implementations
• Default security subsystem
  • Simple per workspace/layer authentication
• GeoFence
  • External application (*)
  • Full use of ResourceAccessManager abilities
• Other custom implementations
  • Integrate with existing in-house authorization mechanism
  • Quite popular in large enterprise setup
GeoFence
GeoFence
• Extended A&A for GeoServer
• Optional Authentication, Sophisticated authorization
• Open Source, GPL
• https://github.com/geoserver/geofence
Structure
Stand alone User interface
User management
GeoFence rules
• Authorizations are expressed as a priority-based rule set
• Rule types are ALLOW/DENY/LIMIT
• The first matching rule is the one that determines the outcome of the auth request
GeoFence rules matching
• Rules are matched based on:
  • Username
  • Group the provided user belongs to
  • GeoServer Instance (single GeoFence → multiple GS clusters)
  • OGC Service (e.g., WMS)
  • OGC Service Operation (e.g., GetFeatureInfo)
  • Workspace (e.g., it.geosolutions)
  • Layer name (e.g., topp:states)
Example
• Let’s assume we have configured these rules:
  • User: u1, Service: WMS, Workspace: W1, ALLOW
  • User: u1, DENY
• These rules will grant access for user u1 to
  • all the layers in workspace W1
  • only for WMS requests
• All other types of request will be DENIED.
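The first-match semantics of the two rules above can be checked with a small model. This is an added example in Python, not GeoFence code: the class and function names, the default DENY when no rule matches, the request values (GetMap, roads, gs-1) and the shadowing check are assumptions made for illustration, and LIMIT rules are not modelled.

```python
from dataclasses import dataclass, replace
from typing import FrozenSet, List, Optional, Sequence, Tuple

# Fields a rule can constrain, as listed on the "GeoFence rules matching" slide.
MATCH_FIELDS = ("user", "group", "instance", "service",
                "request", "workspace", "layer")


@dataclass(frozen=True)
class Rule:
    priority: int                   # lower number is evaluated first
    access: str                     # "ALLOW" or "DENY" (LIMIT is not modelled)
    user: Optional[str] = None      # None means "matches any value"
    group: Optional[str] = None
    instance: Optional[str] = None
    service: Optional[str] = None
    request: Optional[str] = None
    workspace: Optional[str] = None
    layer: Optional[str] = None

    def __post_init__(self):
        if self.access not in ("ALLOW", "DENY"):
            raise ValueError(f"unsupported access type: {self.access!r}")


@dataclass(frozen=True)
class AccessRequest:
    user: str
    service: str
    request: str
    workspace: str
    layer: str
    groups: FrozenSet[str] = frozenset()
    instance: str = "gs-1"          # constructed GeoServer instance name


def rule_matches(rule: Rule, req: AccessRequest) -> bool:
    """A rule matches when every field it constrains agrees with the request."""
    for name in MATCH_FIELDS:
        wanted = getattr(rule, name)
        if wanted is None:
            continue
        if name == "group":
            if wanted not in req.groups:
                return False
        elif wanted != getattr(req, name):
            return False
    return True


def evaluate(rules: Sequence[Rule], req: AccessRequest) -> Tuple[str, Optional[Rule]]:
    """Return (decision, deciding rule); the first match in priority order wins."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule_matches(rule, req):
            return rule.access, rule
    return "DENY", None             # assumption: no matching rule means no access


def covers(earlier: Rule, later: Rule) -> bool:
    """True if every request matching `later` would also match `earlier`."""
    return all(getattr(earlier, n) is None or getattr(earlier, n) == getattr(later, n)
               for n in MATCH_FIELDS)


def shadowed_rules(rules: Sequence[Rule]) -> List[Rule]:
    """Audit check: rules that can never decide because an earlier rule covers them."""
    ordered = sorted(rules, key=lambda r: r.priority)
    return [r for i, r in enumerate(ordered)
            if any(covers(e, r) for e in ordered[:i])]


# The two rules from the slide, in the order given there.
PAGE_RULES = [
    Rule(1, "ALLOW", user="u1", service="WMS", workspace="W1"),
    Rule(2, "DENY", user="u1"),
]
# Same rules with priorities swapped: the broad DENY now comes first.
SWAPPED = [replace(PAGE_RULES[1], priority=1), replace(PAGE_RULES[0], priority=2)]


def demo_request(user="u1", service="WMS", request="GetMap",
                 workspace="W1", layer="roads") -> AccessRequest:
    """Constructed sample request; layer and operation names are made up."""
    return AccessRequest(user=user, service=service, request=request,
                         workspace=workspace, layer=layer)


if __name__ == "__main__":
    for label, rules in (("slide order", PAGE_RULES), ("swapped", SWAPPED)):
        print(label)
        for req in (demo_request(),
                    demo_request(service="WFS", request="GetFeature"),
                    demo_request(workspace="W2")):
            decision, rule = evaluate(rules, req)
            print(f"  {req.service} on {req.workspace}: {decision} (rule {rule})")
        print("  shadowed:", shadowed_rules(rules))
```

With the priorities swapped, the broad DENY decides every request from u1 and the ALLOW rule is reported as shadowed, which is the kind of ordering mistake worth auditing for after rules are inserted or re-ordered.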
Restrictions (LIMIT rules)
• When an ALLOW rule is matched, the user will have access to the requested resource:
  • Restrictions on available area
  • Restrictions on alphanumeric conditions
Restrictions (LIMIT rules)
  • Restrictions on available attributes
Stand-alone GeoFence
• The GeoFence ResourceAccessManager (GeoFence Probe) calls GeoFence REST services.
• A cache is set up to minimize network traffic
• The cache can be configured on different aspects: number of entries, expiration time
• The cache provides REST operations (using GeoServer’s own REST dispatcher) in order to
  • Invalidate the cache
  • Query the cache statistics
GeoFence REST API
• REST interface for administration → automation
• Complete CRUD access to the various entities managed by GeoFence:
  • Users and groups
  • GeoServer instances
  • Rules
• Paging support
• Priority ordering in rules is fundamental: different ways to insert and set a position for the new rules.
• Batch mode, backup and restore available
• See details at: https://github.com/geosolutions-it/geofence/wiki/REST-API
GeoFence direct integration
GeoFence integration
• Simple setups demand simple solutions
• Have GeoFence run inside GeoServer
• Integration similar to the GWC one, runs like a plugin
[Diagram labels: GeoServer, GeoWebCache, GeoFence, Rules DB]
Baby steps
• Born as a more future-proof alternative to improving the internal security subsystem
• Community module, available via nightly builds
• Delivers a subset of the full functionality: access/deny based on mix of user/layer/workspace/request
• Integrated UI
General Configuration
General Configuration (continued)
Creating rules
Rules list
Example 1
Example 1 – layer preview
Example 2
Example 2 – layer preview
TODO
• Allow editing of LIMIT rules
  • Force default style
  • Limit attributes
  • Filter contents
  • Limit by area
• Control writes at the rule level
• Better/Easier way to re-order rules
• Configuration of external database (now using embedded H2 in data dir, not cluster friendly)
• Migrate old security system rules to GeoFence where possible
That’s all folks!
Questions?
info@geo-solutions.it
FOSS4G 2015, Seoul
14th-19th September 2015

More Related Content

What's hot

Flutter festival gdsc juet guna
Flutter festival   gdsc juet gunaFlutter festival   gdsc juet guna
Flutter festival gdsc juet gunaSachinVerma869778
 
GeoServer on Steroids at FOSS4G Europe 2014
GeoServer on Steroids at FOSS4G Europe 2014GeoServer on Steroids at FOSS4G Europe 2014
GeoServer on Steroids at FOSS4G Europe 2014GeoSolutions
 
공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정BJ Jang
 
One GeoNode, many GeoNodes
One GeoNode, many GeoNodesOne GeoNode, many GeoNodes
One GeoNode, many GeoNodesGeoSolutions
 
공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재JungHwan Yun
 
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesCreating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesGeoSolutions
 
오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용SANGHEE SHIN
 
Firestore: The Basics
Firestore: The BasicsFirestore: The Basics
Firestore: The BasicsJielynn Diroy
 
Unified Log Processing Architecture
Unified Log Processing ArchitectureUnified Log Processing Architecture
Unified Log Processing ArchitectureGuido Schmutz
 
Google Firebase
Google FirebaseGoogle Firebase
Google FirebaseAliZaidi94
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...GeoSolutions
 
QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版
QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版
QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版FOSS4G_MEXT
 
History of iOS Versions from 1.0 to 14
History of iOS Versions from 1.0 to 14History of iOS Versions from 1.0 to 14
History of iOS Versions from 1.0 to 14iFixScreens
 
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판BJ Jang
 
GeoServer on steroids
GeoServer on steroidsGeoServer on steroids
GeoServer on steroidsGeoSolutions
 
Advantages and disadvantages of a monorepo
Advantages and disadvantages of a monorepoAdvantages and disadvantages of a monorepo
Advantages and disadvantages of a monorepoIanDavidson56
 
Introduction to Firebase
Introduction to FirebaseIntroduction to Firebase
Introduction to FirebaseMustafa Şenel
 

What's hot (20)

Firebase Overview
Firebase OverviewFirebase Overview
Firebase Overview
 
Flutter festival gdsc juet guna
Flutter festival   gdsc juet gunaFlutter festival   gdsc juet guna
Flutter festival gdsc juet guna
 
GeoServer on Steroids at FOSS4G Europe 2014
GeoServer on Steroids at FOSS4G Europe 2014GeoServer on Steroids at FOSS4G Europe 2014
GeoServer on Steroids at FOSS4G Europe 2014
 
공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정공간정보거점대학 1.geo server_고급과정
공간정보거점대학 1.geo server_고급과정
 
One GeoNode, many GeoNodes
One GeoNode, many GeoNodesOne GeoNode, many GeoNodes
One GeoNode, many GeoNodes
 
공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재공간정보연구원 PostGIS 강의교재
공간정보연구원 PostGIS 강의교재
 
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS stylesCreating Stunning Maps in GeoServer: mastering SLD and CSS styles
Creating Stunning Maps in GeoServer: mastering SLD and CSS styles
 
오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용오픈소스GIS의 이해와 활용
오픈소스GIS의 이해와 활용
 
Firestore: The Basics
Firestore: The BasicsFirestore: The Basics
Firestore: The Basics
 
Unified Log Processing Architecture
Unified Log Processing ArchitectureUnified Log Processing Architecture
Unified Log Processing Architecture
 
Activity lifecycle
Activity lifecycleActivity lifecycle
Activity lifecycle
 
Google Firebase
Google FirebaseGoogle Firebase
Google Firebase
 
MapBox
MapBoxMapBox
MapBox
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...
 
QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版
QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版
QGISセミナー初級 ~QGISの使い方・基礎編~ Ver. 2.4版
 
History of iOS Versions from 1.0 to 14
History of iOS Versions from 1.0 to 14History of iOS Versions from 1.0 to 14
History of iOS Versions from 1.0 to 14
 
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
Open Source GIS 기초교육 4일차 - GeoServer 기초 2014년 7월판
 
GeoServer on steroids
GeoServer on steroidsGeoServer on steroids
GeoServer on steroids
 
Advantages and disadvantages of a monorepo
Advantages and disadvantages of a monorepoAdvantages and disadvantages of a monorepo
Advantages and disadvantages of a monorepo
 
Introduction to Firebase
Introduction to FirebaseIntroduction to Firebase
Introduction to Firebase
 

Viewers also liked

GeoServer beginners gwf_2015
GeoServer beginners gwf_2015GeoServer beginners gwf_2015
GeoServer beginners gwf_2015GeoSolutions
 
GeoServer, The Open Source Solution for the interoperable management of geo...
GeoServer, The Open Source Solution  for the interoperable management  of geo...GeoServer, The Open Source Solution  for the interoperable management  of geo...
GeoServer, The Open Source Solution for the interoperable management of geo...GeoSolutions
 
GeoServer presentation @ Italian GFOSS day 2008
GeoServer presentation @ Italian GFOSS day 2008GeoServer presentation @ Italian GFOSS day 2008
GeoServer presentation @ Italian GFOSS day 2008GeoSolutions
 
SIG Libre 2013 Girona. Cuso Online de SIG y Cooperación
SIG Libre 2013 Girona. Cuso Online de SIG y CooperaciónSIG Libre 2013 Girona. Cuso Online de SIG y Cooperación
SIG Libre 2013 Girona. Cuso Online de SIG y CooperaciónFrancisco Puga
 
Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015GeoSolutions
 
GeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoSolutions
 
How to perform trouble shooting based on counters
How to perform trouble shooting based on countersHow to perform trouble shooting based on counters
How to perform trouble shooting based on countersAbdul Muin
 
State of GeoServer, GeoTools and Friends 2014
State of GeoServer, GeoTools and Friends 2014State of GeoServer, GeoTools and Friends 2014
State of GeoServer, GeoTools and Friends 2014Jody Garnett
 

Viewers also liked (10)

GeoServer beginners gwf_2015
GeoServer beginners gwf_2015GeoServer beginners gwf_2015
GeoServer beginners gwf_2015
 
GeoServer, The Open Source Solution for the interoperable management of geo...
GeoServer, The Open Source Solution  for the interoperable management  of geo...GeoServer, The Open Source Solution  for the interoperable management  of geo...
GeoServer, The Open Source Solution for the interoperable management of geo...
 
GeoServer presentation @ Italian GFOSS day 2008
GeoServer presentation @ Italian GFOSS day 2008GeoServer presentation @ Italian GFOSS day 2008
GeoServer presentation @ Italian GFOSS day 2008
 
SIG Libre 2013 Girona. Cuso Online de SIG y Cooperación
SIG Libre 2013 Girona. Cuso Online de SIG y CooperaciónSIG Libre 2013 Girona. Cuso Online de SIG y Cooperación
SIG Libre 2013 Girona. Cuso Online de SIG y Cooperación
 
Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015Mapping the world beyond web mercator - FOSS4G 2015
Mapping the world beyond web mercator - FOSS4G 2015
 
GeoServer an introduction for beginners
GeoServer an introduction for beginnersGeoServer an introduction for beginners
GeoServer an introduction for beginners
 
How to perform trouble shooting based on counters
How to perform trouble shooting based on countersHow to perform trouble shooting based on counters
How to perform trouble shooting based on counters
 
Umts Kpi
Umts KpiUmts Kpi
Umts Kpi
 
State of GeoServer, GeoTools and Friends 2014
State of GeoServer, GeoTools and Friends 2014State of GeoServer, GeoTools and Friends 2014
State of GeoServer, GeoTools and Friends 2014
 
Channel element
Channel elementChannel element
Channel element
 

Similar to Advanced Security with GeoServer - FOSS4G 2015

Advanced Security With GeoServer
Advanced Security With GeoServerAdvanced Security With GeoServer
Advanced Security With GeoServerGeoSolutions
 
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...GeoSolutions
 
GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution  for the interoperable management  of ge...GeoNetwork, The Open Source Solution  for the interoperable management  of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...GeoSolutions
 
OSGi Overview TomTom DevDay May 2009
OSGi Overview TomTom DevDay May 2009OSGi Overview TomTom DevDay May 2009
OSGi Overview TomTom DevDay May 2009Toralf Richter
 
Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...
Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...
Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...mfrancis
 
Catania Science Gateway Framework
Catania Science Gateway Framework Catania Science Gateway Framework
Catania Science Gateway Framework riround
 
NextGEOSS Webinar - Cloud APIs
NextGEOSS Webinar - Cloud APIsNextGEOSS Webinar - Cloud APIs
NextGEOSS Webinar - Cloud APIsterradue
 
GeoServer The Open Source Solution for the interoperable management of geos...
GeoServer The Open Source Solution  for the interoperable management  of geos...GeoServer The Open Source Solution  for the interoperable management  of geos...
GeoServer The Open Source Solution for the interoperable management of geos...GeoSolutions
 
OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...
OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...
OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...IndicThreads
 
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...GeoSolutions
 
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...smespire
 
OSGi DevCon 2009 Review
OSGi DevCon 2009 ReviewOSGi DevCon 2009 Review
OSGi DevCon 2009 Reviewnjbartlett
 
Sword Cetis 2007 06 29
Sword Cetis 2007 06 29Sword Cetis 2007 06 29
Sword Cetis 2007 06 29Julie Allinson
 
Osgi Webinar
Osgi WebinarOsgi Webinar
Osgi WebinarWSO2
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixMarcel Offermans
 
Sword Or2008 Julieallinson
Sword Or2008 JulieallinsonSword Or2008 Julieallinson
Sword Or2008 JulieallinsonJulie Allinson
 

Similar to Advanced Security with GeoServer - FOSS4G 2015 (20)

Advanced Security With GeoServer
Advanced Security With GeoServerAdvanced Security With GeoServer
Advanced Security With GeoServer
 
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
GeoServer for Spatio-temporal Data Handling With Examples For MetOc And Remot...
 
GeoNetwork, The Open Source Solution for the interoperable management of ge...
GeoNetwork, The Open Source Solution  for the interoperable management  of ge...GeoNetwork, The Open Source Solution  for the interoperable management  of ge...
GeoNetwork, The Open Source Solution for the interoperable management of ge...
 
OSGi Overview TomTom DevDay May 2009
OSGi Overview TomTom DevDay May 2009OSGi Overview TomTom DevDay May 2009
OSGi Overview TomTom DevDay May 2009
 
Dog2 0
Dog2 0Dog2 0
Dog2 0
 
Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...
Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...
Technical Specification Overview - OSGi World Congress 2002 Workshop Intro - ...
 
Catania Science Gateway Framework
Catania Science Gateway Framework Catania Science Gateway Framework
Catania Science Gateway Framework
 
Sword Crig 2007 12 06
Sword Crig 2007 12 06Sword Crig 2007 12 06
Sword Crig 2007 12 06
 
NextGEOSS Webinar - Cloud APIs
NextGEOSS Webinar - Cloud APIsNextGEOSS Webinar - Cloud APIs
NextGEOSS Webinar - Cloud APIs
 
GeoServer The Open Source Solution for the interoperable management of geos...
GeoServer The Open Source Solution  for the interoperable management  of geos...GeoServer The Open Source Solution  for the interoperable management  of geos...
GeoServer The Open Source Solution for the interoperable management of geos...
 
OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...
OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...
OSGi For Java Infrastructures [5th IndicThreads Conference On Java 2010, Pune...
 
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
Raster Data In GeoServer and GeoTools: Achievements, Issues And Future Develo...
 
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
Taming OpenData and INSPIRE challenges with Open Source: lessons learned and ...
 
OSGi DevCon 2009 Review
OSGi DevCon 2009 ReviewOSGi DevCon 2009 Review
OSGi DevCon 2009 Review
 
GENIVI + OCF Cooperation
GENIVI + OCF CooperationGENIVI + OCF Cooperation
GENIVI + OCF Cooperation
 
Sword Cetis 2007 06 29
Sword Cetis 2007 06 29Sword Cetis 2007 06 29
Sword Cetis 2007 06 29
 
Sword Cetis 2007 06 29
Sword Cetis 2007 06 29Sword Cetis 2007 06 29
Sword Cetis 2007 06 29
 
Osgi Webinar
Osgi WebinarOsgi Webinar
Osgi Webinar
 
OSGi on Google Android using Apache Felix
OSGi on Google Android using Apache FelixOSGi on Google Android using Apache Felix
OSGi on Google Android using Apache Felix
 
Sword Or2008 Julieallinson
Sword Or2008 JulieallinsonSword Or2008 Julieallinson
Sword Or2008 Julieallinson
 

More from GeoSolutions

MapStore 2 - The Story
MapStore 2 - The StoryMapStore 2 - The Story
MapStore 2 - The StoryGeoSolutions
 
Introduction to GeoNode
Introduction to GeoNodeIntroduction to GeoNode
Introduction to GeoNodeGeoSolutions
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...GeoSolutions
 
GeoServer Feature FRENZY
GeoServer Feature FRENZYGeoServer Feature FRENZY
GeoServer Feature FRENZYGeoSolutions
 
State of GeoServer 2.12
State of GeoServer 2.12State of GeoServer 2.12
State of GeoServer 2.12GeoSolutions
 
MapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and ReactMapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and ReactGeoSolutions
 
State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016GeoSolutions
 
Advanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServerAdvanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServerGeoSolutions
 
Spatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote SensingSpatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote SensingGeoSolutions
 
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment  for GeoServer and GeoWebcache Optimizing perform...Enterprise class deployment  for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...GeoSolutions
 
GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015GeoSolutions
 
Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04GeoSolutions
 
Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015GeoSolutions
 
Introduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGCIntroduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGCGeoSolutions
 
GeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoSolutions
 

More from GeoSolutions (15)

MapStore 2 - The Story
MapStore 2 - The StoryMapStore 2 - The Story
MapStore 2 - The Story
 
Introduction to GeoNode
Introduction to GeoNodeIntroduction to GeoNode
Introduction to GeoNode
 
Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...Serving earth observation data with GeoServer: addressing real world requirem...
Serving earth observation data with GeoServer: addressing real world requirem...
 
GeoServer Feature FRENZY
GeoServer Feature FRENZYGeoServer Feature FRENZY
GeoServer Feature FRENZY
 
State of GeoServer 2.12
State of GeoServer 2.12State of GeoServer 2.12
State of GeoServer 2.12
 
MapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and ReactMapStore 2, modern mashups with OL3, Leaflet and React
MapStore 2, modern mashups with OL3, Leaflet and React
 
State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016State of GeoServer - FOSS4G 2016
State of GeoServer - FOSS4G 2016
 
Advanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServerAdvanced Cartographic Map Rendering in GeoServer
Advanced Cartographic Map Rendering in GeoServer
 
Spatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote SensingSpatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
Spatio-temporal Data Handling With GeoServer for MetOc And Remote Sensing
 
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment  for GeoServer and GeoWebcache Optimizing perform...Enterprise class deployment  for GeoServer and GeoWebcache Optimizing perform...
Enterprise class deployment for GeoServer and GeoWebcache Optimizing perform...
 
GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015GeoSolutions Keynote at WebMGS 2015
GeoSolutions Keynote at WebMGS 2015
 
Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04Geosolutions gwf-2015-v01.04
Geosolutions gwf-2015-v01.04
 
Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015Geoserver introduction, GeoBusiness 2015
Geoserver introduction, GeoBusiness 2015
 
Introduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGCIntroduzione a GeoServer ed ai servizi OGC
Introduzione a GeoServer ed ai servizi OGC
 
GeoServer, an introduction for beginners
GeoServer, an introduction for beginnersGeoServer, an introduction for beginners
GeoServer, an introduction for beginners
 

Recently uploaded

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Advanced Security with GeoServer - FOSS4G 2015

  • 1. Advanced Security With GeoServer
      • Ing. Mauro Bartolomeoli
      • Ing. Emanuele Tajariol
      • Ing. Simone Giannecchini
      • GeoSolutions
  • 2. GeoSolutions
      • Founded in Italy in late 2006
      • Expertise
          • Image Processing, GeoSpatial Data Fusion
          • Java, Java Enterprise, C++, Python
          • JPEG2000, JPIP, Advanced 2D visualization
      • Supporting/Developing FOSS4G projects
          • GeoServer, MapStore
          • GeoNetwork, GeoNode, Ckan
      • Clients
          • Public Agencies
          • Private Companies
      • http://www.geo-solutions.it
      • FOSS4G 2015, Seoul 14th-19th September 2015
  • 3. Overview
      • GeoServer security handles
          • Authentication (filtering and credential checks)
          • Authorization (resource access managers)
  • 5. The filter chains
      • Different chains for different URL groups
      • Each chain authenticates in a different way by composing different filters
  • 6. Different usage, different chain
      • UI chain, with form, HTTP session (creation allowed), and remember me services
      • OGC one, lighter, will use session if available, no creation
  • 7. Available auth filters
      • Gathering user credentials (and possibly invoking the authentication providers chain)
          • Basic
          • Form
          • Digest
          • Anonymous (always the last)
      • Preauthentication (and possibly loading user details from user/group and/or role service)
          • Session
          • HTTP Header
          • X.509
          • Remember Me
          • J2EE
      • Easy to implement and plug new filters
      • Missing: authenticate from environment variables (e.g. Shibboleth SSO)
  • 8. Authentication providers
      • Given credentials pulled from the filters, who is the user?
      • Diagram labels: Search in user/group database; Auth as a LDAP user; Auth as a DBMS user; XML DBMS tables; Authentication providers; User/Group service; Pluggable
  • 9. Role providers
      • Given the user, what are her roles in GeoServer?
      • Fundamental, authorization is role based
      • Extensible, new providers can be built
      • Diagram labels: LDAP; DBMS; XML DBMS tables
  • 10. Extensions
      • CAS (https://www.apereo.org/cas): Single Sign On integration
      • Authkey: simple UUID to user mapper
          • Simple key in the URL (must use HTTPS)
          • Allows authentication-unaware clients to participate
          • Pluggable: possibility to define custom mappers (e.g. webservices)
          • URLMangler to add authkey to OGC request transparently (via GetCapabilities)
  • 12. Authorization
      • Given the user and her roles
      • Can the current «action» on the current «resource» be allowed?
      • Action:
          • Generic read/write
          • Specific OGC service/method call
      • Resource
          • Workspace
          • Layer
          • Layer Group
          • Style
  • 13. ResourceAccessManager
      • Pluggable interface, multiple implementations
      • Define AccessLimits for the various Catalog Resources (Workspace, Layer, Style, LayerGroup)
      • Can access the current request (service/method/details)
      • Allows for fine grained limits
          • Attributes visible
          • Read filters (which features can be read)
          • Write filters (which features can be written)
      • Filters:
          • Alphanumeric
          • Temporal
          • Spatial
  • 14. Implementations
      • Default security subsystem
          • Simple per workspace/layer authentication
      • GeoFence
          • External application (*)
          • Full use of ResourceAccessManager abilities
      • Other custom implementations
          • Integrate with existing in-house authorization mechanism
          • Quite popular in large enterprise setup
  • 16. GeoFence
      • Extended A&A for GeoServer
      • Optional Authentication, Sophisticated authorization
      • Open Source, GPL
      • https://github.com/geoserver/geofence
  • 18. Stand alone User interface
  • 19. User management
  • 20. GeoFence rules
      • Authorizations are expressed as a priority-based rule set
      • Type of Rules are ALLOW/DENY/LIMIT
      • The first matching rule is the one that determines the outcome of the auth request
  • 21. GeoFence rules matching
      • Rules are matched based on:
          • Username
          • Group the provided user belongs to
          • GeoServer Instance (single GeoFence → multiple GS clusters)
          • OGC Service (e.g., WMS)
          • OGC Service Operation (e.g., GetFeatureInfo)
          • Workspace (e.g. it.geosolutions)
          • Layer name (e.g. topp:states)
  • 22. Example
      • Let’s assume we have configured these rules:
          • User: u1, Service: WMS, Workspace=W1, ALLOW
          • User: u1, DENY
      • These rules will grant access for user u1 to
          • all the layers in workspace W1
          • only for WMS request
      • All other types of request will be DENIED.
  • 23. Restrictions (LIMIT rules)
      • When an ALLOW rule is matched, the user will have access to the requested resource:
          • Restrictions on available area
          • Restrictions on alphanumeric conditions
  • 24. Restrictions (LIMIT rules)
      • Restrictions on available attributes
  • 25. Stand-alone GeoFence
      • The GeoFence ResourceAccessManager (Geofence Probe) calls GeoFence REST services.
      • A cache is set up to minimize network traffic
      • A cache can be configured on different aspects: number of entries, expiration time
      • The cache provides REST operations (using GeoServer’s own REST dispatcher) in order to
          • Invalidate the cache
          • Query the cache statistics
  • 26. GeoFence REST API
      • REST interface for administration → automation
      • Complete CRUD access to the various entities managed by GeoFence:
          • Users and groups
          • GeoServer instances
          • Rules
      • Paging support
      • Priority ordering in rules is fundamental: different ways to insert and set a position for the new rules.
      • Batch mode, backup and restore available
      • See details at: https://github.com/geosolutions-it/geofence/wiki/REST-API
  • 27. GeoFence direct integration
  • 28. GeoFence integration
      • Simple setups demand simple solution
      • Have GeoFence run inside GeoServer
      • Integration similar to GWC one, runs like a plugin
      • Diagram labels: GeoServer; GeoWebCache; GeoFence; Rules DB
  • 29. Baby steps
      • Born as a more future-proof alternative to improving the internal security subsystem
      • Community module, available via nightly builds
      • Delivers a subset of the full functionality: access/deny based on mix of user/layer/workspace/request
      • Integrated UI
  • 31. General Configuration
  • 32. General Configuration (continued)
  • 33. Creating rules
  • 34. Rules list
  • 35. Example 1
  • 36. Example 1 – layer preview
  • 37. Example 2
  • 38. Example 2 – layer preview
  • 39. TODO
      • Allow to edit LIMIT rules
          • Force default style
          • Limit attributes
          • Filter contents
          • Limit by area
      • Control writes at the rule level
      • Better/Easier way to re-order rules
      • Configuration of external database (now using embedded H2 in data dir, not cluster friendly)
      • Migrate old security system rules to GeoFence as possible
  • 40. That’s all folks!
      • Questions?
      • info@geo-solutions.it