Hi,
Thanks a lot Stefan for your perfect solution.
I have tested what you mentioned and it works pretty fine. But there is one
remaining issue. That is how to pass the current geoserver's username to the
database? I've a field in the geometries table called "user_name". It should
hold the owner of the record (the user that can view the record). I need to
fill this field with the current geoserver username. How can I do that?
I tried the following WFS request:
<Insert>
<tst:geometry_table xmlns:tst="tst">
<geometry xmlns="tst">
<Point xmlns="http://www.opengis.net/gml";
srsName="urn:ogc:def:crs:EPSG::4326">
<pos srsDimension="2">21.958021949698434 14.533349892039715</pos>
</Point>
</geometry>
<name>city h</name>
<user_name>current_setting('myapp.user', TRUE)</user_name>
</tst:geometry_table>
</Insert>
But it didn't substitute the username variable with its value.
Can you help me how to do that using WFS, or whatever other solutions?
Best regards,
Nanaso
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Wednesday, October 31, 2018 12:43 PM, Stefan Overkamp
<[email protected]> wrote:
> Hi,
>
> "Is it possible to decide which users can access which features in a layer?"
> I'm using the following solution for postgis datastore/layer:
>
> - set a Session startup SQL (and session close-up SQL) in the datastore. This
> will set a variable with the current GeoServer user.
> e.g. startup "SELECT set_config('myapp.user', '${GSUSER,geoserver}', FALSE)
> close-up "SELECT set_config('myapp.user', '', FALSE)
> - create a sql view, restricting the returned records with the set variable
> (current_setting('myapp.user', TRUE))
> normally you would have an additional table in your database with mapping of
> usernames to records/spatial entities
>
> Regards,
> Stefan
>
> Am 29.10.2018 um 12:36 schrieb Nanaso via Geoserver-users:
>
>> Hi,
>> Thanks a lot Nuno for your reply.
>> There are two issues:
>> 1- The Geofence extention can satisfy my needs in the following way: I have
>> an attribute in my layer called "user_name", I can check if the logged in
>> username equals to this attribute, then I will allow the logged in user to
>> access this feature, and vise versa.
>> The problem is how to get the current logged in username. Is there an
>> environment varaible that holds the current logged in user?
>>
>> 2- The other issue is regarding installation of Geofence. I've tried to
>> install version 13 of Geofence extention in a Geoserver of version 13, it
>> works fine, but the place where I should enter the CQL filter is not exist.
>> According to the documentation:
>> https://docs.geoserver.org/stable/en/user/community/geofence-server/gui.html#rule-page
>> There should be a place to specify the CQL fitler for read and write. But it
>> looks like this part of the configuration doesn't exist in version 13 of
>> Geofence.
>> I've then tried to install verison 14 of Geofence in a veriosn 14 of
>> Geoserver, but the server failed to launch with many exceptions. My machine
>> is Mac OS High Sierra. And here you're the exceptions I recieve when
>> launching geoserver after adding Geofence to it:
>
> --
> =========================================
> Dipl.Ing. Stefan Overkamp
> tel: 02052 / 814184
> mobil: 0177 / 7976159_______________________________________________
Geoserver-users mailing list
Please make sure you read the following two resources before posting to this
list:
- Earning your support instead of buying it, but Ian Turton:
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines:
http://geoserver.org/comm/userlist-guidelines.html
If you want to request a feature or an improvement, also see this:
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
