GeoServer : GSIP 91 - Enhance authentication filter chain configuration
This page last changed on Jan 21, 2013 by jive.
Enhance the filter chain configuration to cover common configuration uses cases. This GSIP is motivated by the security elements offered by the J2EE web.xml file.
Choose one of: Under Discussion, In Progress, Completed, Rejected, Deferred
The current security system uses a fixed set of filter chains. The chains can be configured but there are some common uses cases which are not supported.
The REST filter chain uses the ANT pattern: /rest/**
Anonymous users should have access for HTTP POST and GET. Authenticated USERS should have access for all HTTP methods (PUT,DELETE,...). Since basic authentication is used, SSL is required.
Chains needed (the order is important):
This GSIP introduces the following new features:
All enhancments are configureable using the Admin GUI.
This section should contain feedback provided by PSC members who may have a problem with the proposal.
State here any backwards compatibility issues.
|Document generated by Confluence on May 14, 2014 23:00|