-
Notifications
You must be signed in to change notification settings - Fork 0
GWC Data Security
GWC Data Security is an option that can be turned on and turned off using the GeoServer web administration (in "Caching Defaults"). The default is turned off. To enable it, it must be turned on.
When turned on, the GWC dispatcher will do a data security check before calling GeoWebCache, checking whether the user actually has access to the layer. When doing a WMS-C request, it will also check if the requested bounding box is accessible. (Other forms of data limitations are not supported, only geometrical areas). Requests for bounding boxes outside of the limited area will be rejected. This is different from the regular WMS, which will give white space. However, if we use integrated WMS/WMS-C the request will be forwarded back to WMS and still give the white space as result.
When using the default GeoServer security system, layer security cannot be combined in rules with service security. However, in geofence (and possibly other tools) it is in fact possible to make particular combinations. In this case the WMS-C service inherits all security rules from the regular WMS service; while all other GWC services will get their security from rules associated with the GWC service itself.