[GeoNode-users] Layer Security Geonode/Geoserver

Alessio Fabiani alessio.fabiani at geo-solutions.it
Fri Jun 9 06:25:41 PDT 2017


Hello,

for version GeoNode 2.4 + GeoServer 2.7 could be not so straight.
A possible solutions (not sure if actually works) could be to create a new
"Layer" on GeoNode referring to the GeoServer LayerGroup (you can use
another existing Layer as template for the values) and set permissions to
"Anonymous" from GeoNode.

This is because GeoNode 2.4 uses a REST API with the list of allowed layers
in order to allow GeoServer understand which ones are accessible or not.

Make a try and let me know if it works.



Best Regards,
Alessio Fabiani.

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Alessio Fabiani
@alfa7691
github <https://github.com/afabiani?tab=overview>
Founder/Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
Italy
phone: +39 0584 962313 <0584%20962313>
fax:     +39 0584 1660272 <0584%20166%200272>

http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility  for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.
---------------------------------------------------------------------

On Fri, Jun 9, 2017 at 3:17 PM, John, Steffen <s.john at atenekom.eu> wrote:

> Hi!
> I'm using Geonode 2.4 with Geoserver 2.7. I'm actually not sure whether
> this question belongs to GeoNode or GeoServer mailing list.
> Here what I want to do:
>
> I added a layer group to Geoserver and want to add this as a
> backgroundlayer to the geonode maps (for example at creating a new map).
> Since layer groups are not supported from Geonode, I added this layergroup
> as "external" WMS by appending its properties to MAP_BASELAYERS in
> settings.py.
>
> The Problem:
> This works fine as long as a user is logged in in Geonode. Anonymous Users
> get red tiles. Since I can't add the layer to Geonode I also can't set the
> permission for it.
>
> I thought it must be possible to grant access for anonymous users from the
> Geoserver security for only this layer. I tried all the Geoserver security
> tutorials, read about filter and provider chains, modified
> layers.properties and tried somehow changing the authentification filters,
> but none of it worked. It is very complex and I still didn't understood it,
> completely.
>
> I was actually wondering, because the layers and service security is both
> set to *.*, meaning that access to all services and layers is granted to
> all roles. But this doesn't seem to be the case.
>
> To summarize:
>
> I want to grant access for anonymous users for a specific layer group in
> Geoserver. Other layers should be secured as normal.
> Ideally, the access is not granted to everyone, but only to requests with
> a specific referer information in the request, but I'm not sure if this is
> even possible.
>
> Any hints are highly appreciated.
> Thanks a lot!
>
> Steffen
>
>
>
> _______________________________________________
> geonode-users mailing list
> geonode-users at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170609/3d55e9e4/attachment.html>


More information about the geonode-users mailing list