Authentication and authorization management to OGC services with GeoShield: Introducing the GeoServer Resource Access Manager plug-in and SOS protection

Session Type: 
Tech Session
Milan Antonovic, Institute of Earth Sciences, SUPSI-IST
Dr Massimiliano Cannata, SUPSI-IST

Enterprises are increasingly feeling the need of more sophisticated data access control to OGC services. Nowadays there aren't many solution to manage data access control. Using actual techniques, administrators can mostly define read or write permission to specific services.

GeoShield meets this need by offering a centralized way to define security access-control to OGC services through a nice user friendly web interface. Basically it acts like a proxy, intercepting all the communications between clients and OGC compliant services (WMS, WFS, SOS). GeoShield is able to manage users and groups, it handles authentication and privileges settings among groups and registered services. It is capable to analyze requests applying the configured permission filters and/or manipulating the response accordingly.

This year GeoShield extends his capabilities introducing two major improvements: the Sensor Observation Services protection and the GeoServer Resource Access Manager plug-in.

The SOS protection introduces the definition of permissions for core and transactional profiles. Data managers can now set read permissions for each Observation Offering, and authorize writing permissions to transactional profile requests only to authorized users.

Thanks to the latest GeoServer release (2.1), GeoShield can be directly integrated with the new Resource Access Manager plug-in. This extension give some benefits in term of speed and reliability, GeoShield's proxy capabilities is bypassed, minimizing response time.

The presentation will introduce the attenders with GeoShield and the newly developed features throughout a practical demo.

Speaker Bio: 

Currently Employed as Software Engineer at the Geomatics Division of the Earth Science Institute, a section of the University of Applied Sciences of Southern Switzerland. His main fields are Geographical Web Services and webgis applications, in particular he is specialized in the development of government or public web application based on OGC services, like WMS, WFS, WPS and SOS.

Schedule info