settings.rst 1.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142
  1. .. _security_webadmin_settings:
  2. Settings
  3. ========
  4. The Settings page controls the global GeoServer security settings.
  5. .. figure:: images/settings.png
  6. Security Settings page
  7. Active role service
  8. -------------------
  9. This option sets the active :ref:`role service <security_rolesystem_roleservices>` (provides information about roles). Role services are managed on the :ref:`security_webadmin_ugr` page. There can be only one active role service at one time.
  10. Encryption
  11. ----------
  12. The GeoServer user interface (UI) can sometimes expose parameters in plain text inside the URLs. As a result, it may be desirable to encrypt the URL parameters. To enable encryption, select :guilabel:`Encrypt web admin URL parameters`. This will configure GeoServer to uses a PBE-based :ref:`security_passwd_encryption`.
  13. For example, with this feature enabled, the page::
  14. http://GEOSERVER/web/?wicket:bookmarkablePage=:org.geoserver.security.web.SecuritySettingsPage
  15. would now be found at the following URL::
  16. http://GEOSERVER/web/?x=hrTNYMcF3OY7u4NdyYnRanL6a1PxMdLxTZcY5xK5ZXyi617EFEFCagMwHBWhrlg*ujTOyd17DLSn0NO2JKO1Dw
  17. Password encryption
  18. -------------------
  19. This setting allows you to select the type of :ref:`security_passwd_encryption` used for passwords. The options are :guilabel:`Plain text`, :guilabel:`Weak PBE`, or :guilabel:`Strong PBE`.
  20. If Strong PBE is not available as part of the JVM, a warning will display and the option will be disabled. To enable Strong PBE, you must install external policy JARs that support this form of encryption. See the section on :ref:`security_passwd_encryption` for more details about these settings.
  21. .. figure:: images/settings_pbewarning.png
  22. Warning if Strong PBE is not available