| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- .. _security_webadmin_settings:
- Settings
- ========
- The Settings page controls the global GeoServer security settings.
- .. figure:: images/settings.png
- Security Settings page
- Active role service
- -------------------
- This option sets the active :ref:`role service <security_rolesystem_roleservices>` (provides information about roles). Role services are managed on the :ref:`security_webadmin_ugr` page. There can be only one active role service at one time.
- Encryption
- ----------
- The GeoServer user interface (UI) can sometimes expose parameters in plain text inside the URLs. As a result, it may be desirable to encrypt the URL parameters. To enable encryption, select :guilabel:`Encrypt web admin URL parameters`. This will configure GeoServer to uses a PBE-based :ref:`security_passwd_encryption`.
- For example, with this feature enabled, the page::
- http://GEOSERVER/web/?wicket:bookmarkablePage=:org.geoserver.security.web.SecuritySettingsPage
- would now be found at the following URL::
- http://GEOSERVER/web/?x=hrTNYMcF3OY7u4NdyYnRanL6a1PxMdLxTZcY5xK5ZXyi617EFEFCagMwHBWhrlg*ujTOyd17DLSn0NO2JKO1Dw
- Password encryption
- -------------------
- This setting allows you to select the type of :ref:`security_passwd_encryption` used for passwords. The options are :guilabel:`Plain text`, :guilabel:`Weak PBE`, or :guilabel:`Strong PBE`.
- If Strong PBE is not available as part of the JVM, a warning will display and the option will be disabled. To enable Strong PBE, you must install external policy JARs that support this form of encryption. See the section on :ref:`security_passwd_encryption` for more details about these settings.
- .. figure:: images/settings_pbewarning.png
- Warning if Strong PBE is not available
|
