This documentation is from an open source community project.

While every reasonable effort is made to ensure it is correct, it is provided "as is" for reference only, with no guarantees that it is complete, accurate, or current. Not all features, extensions, and plug-ins described within these docs are supported by Boundless.

See an error? Scroll to the bottom to 'Report an Issue'.
Community Docs  
  • Introduction
    • Overview
    • History
    • Getting involved
    • License
  • Installation
    • Windows installer
    • Windows binary
    • Mac OS X installer
    • Mac OS X binary
    • Linux binary
    • Web archive
    • Upgrading existing versions
  • Getting Started
    • Web Administration Interface Quickstart
    • Publishing a Shapefile
    • Publishing a PostGIS Table
  • GeoServer Data Directory
    • Creating a New Data Directory
    • Setting the Data Directory
    • Structure of the Data Directory
    • Migrating a Data Directory between different versions
  • Web Administration Interface
    • Interface basics
    • Server
    • Layer Preview
    • Data
    • Services
    • Tile Caching
    • Security
    • Demos
  • Working with Vector Data
    • Shapefile
    • Directory of spatial files
    • Java Properties
    • GML
    • VPF
    • Pregeneralized Features
  • Working with Raster Data
    • GeoTIFF
    • GTOPO30
    • WorldImage
    • ImageMosaic
    • ArcGrid
    • GDAL Image Formats
    • Oracle Georaster
    • Postgis Raster
    • ImagePyramid
    • Image Mosaic JDBC
    • Custom JDBC Access for image data
    • Coverage Views
  • Working with Databases
    • PostGIS
    • H2
    • ArcSDE
    • DB2
    • MySQL
    • Oracle
    • Microsoft SQL Server and SQL Azure
    • Teradata
    • Database Connection Pooling
    • JNDI
    • SQL Views
    • Controlling feature ID generation in spatial databases
    • Custom SQL session start/stop scripts
    • Using SQL session scripts to control authorizations at the database level
  • Working with Application Schemas
    • Complex Features
    • Installation
    • WFS Service Settings
    • Configuration
    • Mapping File
    • Application Schema Resolution
    • Supported GML Versions
    • Secondary Namespaces
    • CQL functions
    • Property Interpolation
    • Data Stores
    • Feature Chaining
    • Polymorphism
    • Data Access Integration
    • WMS Support
    • WFS 2.0 Support
    • Joining Support For Performance
    • Tutorial
  • Working with Cascaded Services
    • External Web Feature Server
    • Cascaded Web Feature Service Stored Queries
    • External Web Map Server
  • Filtering in GeoServer
    • Supported filter languages
    • Filter Encoding Reference
    • ECQL Reference
    • Filter functions
    • Filter Function Reference
  • Styling
    • Introduction to SLD
    • Working with SLD
    • SLD Cookbook
    • SLD Reference
    • SLD Extensions in GeoServer
    • SLD Tips and Tricks
  • Services
    • Web Feature Service
    • Web Map Service
    • Web Coverage Service
    • Virtual OWS Services
  • REST configuration
    • REST configuration API reference
    • REST configuration examples
  • Advanced GeoServer Configuration
    • Coordinate Reference System Handling
    • Advanced log configuration
    • WMS Decorations
  • Security
    • Role system
    • Authentication
    • Passwords
    • Root account
    • Service Security
    • Layer security
    • REST Security
    • Disabling security
    • Tutorials
  • Running in a Production Environment
    • Java Considerations
    • Container Considerations
    • Configuration Considerations
    • Data Considerations
    • Linux init scripts
    • Other Considerations
    • Troubleshooting
    • Make cluster nodes identifiable from the GUI
  • Caching with GeoWebCache
    • Using GeoWebCache
    • Configuration
    • Seeding and refreshing
    • HTTP Response Headers
    • GeoWebCache REST API
    • Troubleshooting
  • Google Earth
    • Overview
    • Quickstart
    • KML Styling
    • Tutorials
    • Features
  • Extensions
    • Control flow module
    • CSS Styling
    • Catalog Services for the Web (CSW)
    • DXF OutputFormat for WFS and WPS PPIO
    • Excel WFS Output Format
    • GeoSearch
    • GRIB
    • Imagemap
    • Importer
    • INSPIRE
    • JP2K Plugin
    • libjpeg-turbo Map Encoder Extension
    • Monitoring
    • NetCDF
    • NetCDF Output format
    • OGR based WFS Output Format
    • OGR based WPS Output Format
    • GeoServer Printing Module
    • Cross-layer filtering
    • Web Processing Service
    • XSLT WFS output format module
    • Web Coverage Service 2.0 Earth Observation extensions
  • Tutorials
    • Freemarker Templates
    • GeoRSS
    • GetFeatureInfo Templates
    • Paletted Images
    • Serving Static Files
    • WMS Reflector
    • WMS Animator
    • CQL and ECQL
    • Using the ImageMosaic plugin
    • Using the ImageMosaic plugin for raster time-series data
    • Using the ImageMosaic plugin for raster with time and elevation data
    • Using the ImageMosaic plugin with footprint mangement
    • Building and using an image pyramid
    • Storing a coverage in a JDBC database
    • Using the GeoTools feature-pregeneralized module
    • Setting up a JNDI connection pool with Tomcat
    • geoserver on JBoss
  • Community
    • Key authentication module
    • DDS/BIL(World Wind Data Formats) Extension
    • Python
    • Scripting
    • SpatiaLite
    • Dynamic colormap generation
    • JDBCConfig
    • MBTiles Extension
    • GeoPackage Extension
    • REST PathMapper Plugin
    • PGRaster
    • WPS download community module
    • JMS based Clustering
    • SOLR data store
    • SLD REST Service
    • Resumable REST Upload Plugin
    • GeoMesa data store
    • GWC Distributed Caching community module
    • Geofence Internal Server
    • GDAL based WCS Output Format
    • GWC S3 BlobStore plugin
 
GeoServer User Manual
  • OpenGeo Suite »
  • GeoServer »
  • Security
Next Previous

Security¶

This section details the security subsystem in GeoServer, which is based on Spring Security. For web-based configuration, please see the section on Security in the Web Administration Interface.

As of GeoServer 2.2.0, the security subsystem has been completely re-engineered, providing a more secure and flexible authentication framework. This rework is largely based on a Christian Müeller’s masters thesis entitled Flexible Authentication for Stateless Web Services. It is good reading to help understanding many of the new concepts introduced.

  • Role system
    • Users and Groups
    • User/group services
    • Roles
    • Role services
    • Role source and role calculation
    • Interaction between user/group and role services
  • Authentication
    • Authentication chain
    • Authenticating to the Web Admin Interface
    • Authentication to OWS and REST services
    • Authentication providers
  • Passwords
    • Password encryption
    • Secret keys and the keystore
    • Master password
    • Password policies
  • Root account
  • Service Security
    • OWS services
    • REST services
  • Layer security
    • Rules
    • Catalog Mode
    • Access modes
    • Examples
  • REST Security
    • Syntax
    • Examples
  • Disabling security
  • Tutorials
    • Authentication with LDAP
    • Authentication with LDAP against ActiveDirectory
    • Configuring Digest Authentication
    • Configuring X.509 Certificate Authentication
    • Configuring J2EE Authentication
    • Configuring HTTP Header Proxy Authentication
    • Configuring Apache HTTPD Session Integration
    • Authentication with CAS
Next Previous
© CC BY-SA 3.0.
Report an Issue
  Component Manuals
  • GeoServer Spatial Server
  • GeoWebCache Map Tile Cache
  • PostGIS Spatial Database
  • QGIS Desktop GIS
  • Boundless SDK Web Client API
  • OpenLayers Web Mapping Library
  • GeoExplorer Web Map Viewer
Back to Suite User Manual
Based on RTD theme.