Security

This section details the security subsystem in GeoServer, which is based on Spring Security.

The first page discusses configuration options in the web administration interface. This is followed with a detailed discussion of the underlying processes.

• Security settings
  • Settings
  • Authentication
  • Passwords
  • Users, Groups, Roles
  • Data
  • Services
  • File Browsing
  • CSRF Protection
• Role system
  • Users and Groups
  • User/group services
  • Roles
  • Role services
  • Role source and role calculation
  • Interaction between user/group and role services
• Authentication
  • Authentication chain
  • Authenticating to the Web Admin Interface
  • Authentication to OWS and REST services
  • Authentication providers
• Passwords
  • Password encryption
  • Secret keys and the keystore
  • Keystore password
  • Password policies
• Root account
• Service Security
  • OWS services
  • REST services
• Layer security
  • Rules
  • Catalog Mode
  • Access modes
  • Examples
• REST Security
  • Syntax
  • Examples
• Disabling security
• Tutorials
  • Authentication with LDAP
  • Authentication with LDAP against ActiveDirectory
  • Configuring Digest Authentication
  • Configuring X.509 Certificate Authentication
  • Configuring J2EE Authentication
  • Configuring HTTP Header Proxy Authentication
  • Configuring Apache HTTPD Session Integration
  • Authentication with CAS