I want to publish map layers using OpenLayers and GeoServer. While this is easy enough to set up, I'm a bit lost when it comes to authentication possibilities. What I want is to create different users that will, by logging in with their own user name and password, be directed to their own map window. How can this be securely done so that none of my users will be able to access each other's layers?
I have understood that it is quite easy to "hack" the setup by, for example, making queries to the GeoServer where one simply asks it to list all the available layers.
What are my options? I suppose apache could be of help when setting it up in my ubuntu server? Any tutorials on this subject?
Best Answer
First of all, I think you should read the Geoserver documentation on Security. http://docs.geoserver.org/stable/en/user/security/index.html you will discover it is possible to make layers accessible/inaccessible to different users or roles.
Another possible solution would be to make geoserver inaccessible from the outside world (close port 8080 on your server for IP's other then localhost) and then create an authentication mechanism yourself in the web programming language of your choice.
For instance: You could set up some sort of login/authentication in php that forwards requests to the geoserver on localhost once authenticated.