| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172 |
- .. _rest_security:
- Security
- ========
- The REST API allows you to adjust GeoServer security settings.
- .. note:: Read the :api:`API reference for /security <security.yaml>`.
- Listing the keystore password
- -----------------------------
- **Retrieve the keystore password for the "root" account**
- *Request*
- .. admonition:: curl
- ::
- curl -v -u admin:geoserver -XGET http://localhost:8080/geoserver/rest/security/masterpw.xml
- Changing the keystore password
- ------------------------------
- **Change to a new keystore password**
- .. note:: Requires knowledge of the current keystore password.
- Given a ``changes.xml`` file:
- .. code-block:: xml
- <masterPassword>
- <oldMasterPassword>-"}3a^Kh</oldMasterPassword>
- <newMasterPassword>geoserver1</newMasterPassword>
- </masterPassword>
- *Request*
- .. admonition:: curl
- ::
- curl -v -u admin:geoserver -XPUT -H "Content-type: text/xml" -d @change.xml http://localhost:8080/geoserver/rest/security/masterpw.xml
- *Response*
- ::
- 200 OK
- Listing the catalog mode
- ------------------------
- **Fetch the current catalog mode**
- *Request*
- .. admonition:: curl
- ::
- curl -v -u admin:geoserver -XGET http://localhost:8080/geoserver/rest/security/acl/catalog.xml
- *Response*
- .. code-block:: xml
- <?xml version="1.0" encoding="UTF-8"?>
- <catalog>
- <mode>HIDE</mode>
- </catalog>
- Changing the catalog mode
- -------------------------
- **Set a new catalog mode**
- Given a ``newMode.xml`` file:
- .. code-block:: xml
- <?xml version="1.0" encoding="UTF-8"?>
- <catalog>
- <mode>MIXED</mode>
- </catalog>
- *Request*
- .. admonition:: curl
- ::
-
- curl -v -u admin:geoserver -XPUT -H "Content-type: text/xml" -d @newMode.xml http://localhost:8080/geoserver/rest/security/acl/catalog.xml
- Listing access control rules
- ----------------------------
- **Retrieve current list of access control rules**
- *Request*
- .. admonition:: curl
- ::
- curl -v -u admin:geoserver -XGET http://localhost:8080/geoserver/rest/security/acl/layers.xml
- *Response*
- .. code-block:: xml
- <?xml version="1.0" encoding="UTF-8"?>
- <rules />
- .. note:: The above response shows no rules specified.
- Changing access control rules
- -----------------------------
- **Set a new list of access control rules**
- Given a ``rules.xml`` file:
- .. code-block:: xml
- <?xml version="1.0" encoding="UTF-8"?>
- <rules>
- <rule resource="topp.*.r">ROLE_AUTHORIZED</rule>
- <rule resource="topp.mylayer.w">ROLE_1,ROLE_2</rule>
- </rules>
- *Request*
- .. admonition:: curl
- ::
- curl -v -u admin:geoserver -XPOST -H "Content-type: text/xml" -d @rules.xml http://localhost:8080/geoserver/rest/security/acl/layers.xml
-
- *Response*
- ::
- 201 Created
- Deleting access control rules
- -----------------------------
- **Delete individual access control rule**
- *Request*
- .. admonition:: curl
- ::
- curl -v -u admin:geoserver -XDELETE http://localhost:8080/geoserver/rest/security/acl/layers/topp.*.r
-
- *Response*
- ::
- 200 OK
|
