We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Enterprise Single Sign-On in GeoServer: where do we stand?

Formal Metadata

Title
Enterprise Single Sign-On in GeoServer: where do we stand?
Title of Series
Part Number
110
Number of Parts
193
Author
License
CC Attribution 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Security is a major concern in the enterprise and treats all aspects of identity and access management. Moreover the proliferation of devices and digital assets connected to the Internet of Things is a massive source of growing geographic information. GeoServer has buit-in a lot of features to manage authentication and authorization but often this kind of problem can be better dealt with a dedicated tool (i.e. Forgerock IAM suite) which allows to provide identities and access policies likewise to several clients. What are the best practices to integrate GeoServer into an existent single sign-on and identity lifecycle? Althought tools like CAS and GeoFence allow to enable such features it's more likely that GeoServer needs a leaner and cleaner path towards the externalization of authentication and authorization for the OGC services and its REST API.
Keywords