Acasă Explorează Ajutor
Înregistrare Autentificare
siwei
/
web-server
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Ramură: master
Ramuri Etichete
web-server
/
doc
/
en
/
user
/
source
/
data
/
database
/
sqlsession.rst

sqlsession.rst 3.9 KB
Permalink Istoric Crud

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. .. _data_sqlsession:
    2. 

  2. 

  3. Custom SQL session start/stop scripts 
    4. 

  4. =====================================
    5. 

  5. 

  6. Starting with version 2.1.4 GeoServer support custom SQL scripts that can be run every time GeoServer
    7. 

  7. grabs a connection from the connection pool, and every time the session is returned to the pool.
    8. 

  8. 

  9. These scripts can be parametrized with the expansion of environment variables, which can be in turn
    10. 

  10. set into the OGC request parameters with the same mechanism as :ref:`sld_variable_substitution`.
    11. 

  11. 

  12. In addition to the parameters provided via the request the ``GSUSER`` variable is guaranteed to
    13. 

  13. contain the current GeoServer user, or be null if no authentication is available. This is useful
    14. 

  14. if the SQL sessions scripts are used to provide tight control over database access
    15. 

  15. 

  16. The SQL script can expand environment variables using the ``${variableName, defaultValue}`` syntax,
    17. 

  17. for example the following alters the current database user to be the same as the GeoServer current user, 
    18. 

  18. or ``geoserver`` in case no user was authenticated
    19. 

  19. 

  20. .. code-block::
    21. 

  21. 

  22.    SET SESSION AUTHORIZATION ${GSUSER,geoserver}
    23. 

  23. 

  24. Using SQL session scripts to control authorizations at the database level
    25. 

  25. -------------------------------------------------------------------------
    26. 

  26. 

  27. GeoServer connects to a database via a connection pool, using the same rights as the user that
    28. 

  28. is specified in the connection pool setup.
    29. 

  29. In a setup that provides a variety of services and tables the connection pool user must have
    30. 

  30. a rather large set of rights, such as table selection (WMS), table insert/update/delete (WFS-T) and
    31. 

  31. even table creation (data upload via RESTConfig, WPS Import process and eventual new processes leveraging
    32. 

  32. direct database connections).
    33. 

  33. 

  34. What a user can do can be controlled by means of the GeoServer security subsystem, but in high security
    35. 

  35. setups this might not be considered enough, and a database level access control be preferred instead.
    36. 

  36. In these setups normally the connection pool user has limited access, such as simple read only access,
    37. 

  37. while specific users are allowed to perform more operations.
    38. 

  38. 

  39. When setting up such a solution remember the following guidelines:
    40. 

  40. 

  41. * The connection pool user must be able to access all table metadata regardless of whether it is able
    42. 

  42.   to actually perform a select on the tables (dictionary tables/describe functionality must be always accessible)
    43. 

  43. * The connection pool must see each and every column of tables and views, in other words, the
    44. 

  44.   structure of the tables must not change as the current user changes
    45. 

  45. * the database users and the GeoServer user must be kept in synch with some external tools, GeoServer
    46. 

  46.   provides no out of the box facilities
    47. 

  47. * during the GeoServer startup the code will access the database to perform some sanity checks, 
    48. 

  48.   in that moment there is no user authenticated in GeoServer so the code will run under whatever
    49. 

  49.   user was specified as the "default value" for the ``GSUSER`` variable. 
    50. 

  50. * The user that administers GeoServer (normally ``admin``, but it can be renamed, and other users
    51. 

  51.   given the administration roles too) must also be a database user, all administrative access on the
    52. 

  52.   GeoServer GUI will have that specific user controlling the session  
    53. 

  53.   
    54. 

  54. Typical use cases:
    55. 

  55.   
    56. 

  56. * Give insert/update/delete rights only to users that must use WFS-T 
    57. 

  57. * Only allow the administrator to create new tables
    58. 

  58. * Limit what rows of a table a user can see by using dynamic SQL views taking into account the
    59. 

  59.   current user to decide what rows to return 
    60. 

  60.   
    61. 

  61. To make a point in case, if we want the PostgreSQL session to run with the current GeoServer user
    62. 

  62. credentials the following scripts will be used:
    63. 

  63. 

  64. .. figure:: images/postgresqlSession.png
    65. 

  65.    :align: center
    66. 

  66. 

  67.    *Setting up session authorization for PostgreSQL*
    68. 

  68. 

  69. The first command makes the database session use either the current GeoServer user, or the ``geoserver``
    70. 

  70. user if no authentication was available (anonymous user, or startup situation).
    71. 

  71. The second command resets the session to the rights of the connection pool user.
    72. 

  72.  
    73. 

  73.