GeoServer : Security issue - Disable demoRequest
This page last changed on Mar 07, 2008 by email@example.com.
This document discusses a fix for a serious weakness found in the demo system (GEOS-1792). The following patch eliminates the problem by disabling the demo section of the web interface, it works for Geoserver 1.4.x, 1.5.x and 1.6.x.
All users are strongly encouraged to upgrade to the latest stable version (1.6.2a and newer), which fixes this issue.
Locate the XML file
If you downloaded the Windows installer, and chose the default installation path, it will be in
If you are running Tomcat then you will find it in Tomcats webapps-directory, under geoserver.
Open the file in a text editor(we do not recommend Notepad, but you can try Notepad++) and comment out the following section:
so that is looks like this
and save the file. Then remember to restart GeoServer.
If you prefer diffs:
|Document generated by Confluence on May 14, 2014 23:00|