security.rst 4.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172
  1. .. _wps_security:
  2. WPS Security and input limits
  3. =============================
  4. GeoServer service security is normally based on the generic :ref:`OGC security configuration <security_service>`, however, when it comes to WPS there is also a need to **restrict access to individual processes**, in the same way that data security restricts access to layers.
  5. WPS security allows access to be determined by process group or by single process. Each process and process group can be enabled/disabled, or subject to access control based on the user roles.
  6. .. figure:: images/security.png
  7. The WPS security page
  8. The WPS security configurations can be changed using the :ref:`web_admin` on the :guilabel:`WPS security` page under :guilabel:`Security`.
  9. .. figure:: images/security_link.png
  10. Click to access the WPS security settings
  11. Setting access roles
  12. --------------------
  13. The list of roles attached to each group or process will determine which users can access which processes. If the list is empty the group/process will be available to all users, unless it has been disabled, in which case it won't be available to anyone.
  14. The roles string must be a list of roles separated by semicolons. The role editor provides auto-completion and also allows quick copy and paste of role lists from one process definition to the other:
  15. .. figure:: images/security_roles.png
  16. Role selector field with auto-complete
  17. Access modes
  18. ------------
  19. The process access mode configuration specifies how GeoServer will advertise secured processes and behave when a secured process is accessed without the necessary privileges. The parameter can be one of three values:
  20. * **HIDE** (default): The processes not available to the current user will be hidden from the user (not listed in the capabilities documents). Direct access will result in GeoServer claiming the process does not exist.
  21. * **CHALLENGE**: All processes will be shown in the capabilities documents, but an authentication request will be raised if a secured process is specifically requested by a user that does not have sufficient access rights
  22. * **MIXED**: The secured processes will not be shown in the capabilities documents for users not having sufficient access rights, but an authentication request will still be raised if a secured process is requested.
  23. Complex Inputs
  24. --------------
  25. By default, Execute requests support loading complex inputs from references to local files and external servers. This behavior can be restricted in the **Complex Inputs** section. When the flag is checked, an Execute request with an input reference that is not an internal WCS/WFS/WPS request will result in a service exception reporting the error.
  26. Input limits
  27. ------------
  28. The amount of resources used by a process is usually related directly to the inputs of the process itself. With this in mind, administrators can set three different type of limits on each process inputs:
  29. * The maximum size of complex inputs
  30. * The range of acceptable values for numeric values
  31. * The maximum multiplicity of repeatable inputs
  32. .. note:: As an example of the last point, think of contour extraction, where the number of levels for the contours can drastically affect the execution time
  33. GeoServer allows the administrator to configure these limits, and fail requests that don't respect them.
  34. The maximum size can be given a global default on the :guilabel:`WPS security` page. It is also possible to define limits on a per-process basis by navigating to the process limits editor in the process list.
  35. .. note:: Processes having a ``*`` beside the link have a defined set of limits
  36. .. figure:: images/security_processselector.png
  37. The process selector, with access constraints and links to the limits configuration
  38. The process limits editor shows all inputs for which a limit can be provided. An empty field means that limits are disabled for that input.
  39. .. figure:: images/security_processlimits.png
  40. The process limit page, with input limits configured
  41. .. warning:: In order for the limits to be saved: click on :guilabel:`OK` on this :guilabel:`Process limits` page; and then click :guilabel:`OK` on the :guilabel:`Process selection` page; and finally :guilabel:`Save` on the :guilabel:`WPS security` page.