I want to implement that Authentic login users of my website can only have access to Geoserver's specific layers.
[GIS] How to use Geoserver Authentication with Spring Security in WebApplication
authenticationgeoserverSecurity
authenticationgeoserverSecurity
I want to implement that Authentic login users of my website can only have access to Geoserver's specific layers.
Best Answer
There seems to be a per-layer-authorisation in geoserver which can be implemented out-of-the-box only with a role concept.
Here is an approach described to achieve what you want by restricting access to user folders.
If you already have a Spring Security module, I could also imagine, you could put it in front of geoserver as a facade and implement your own authorisation logic. So you should be able to map layers to authorised users. Then you should take geoserver out of direct public access.
It seems like several mapping clients are not able to handle even basic authentication as mentioned here. In order to save your users from additional troubles when connecting to your services, its probably useful to go with the authkey module of geoserver. Therefore the client just needs to add an authentication token, but the request should be secured by an https connection.