1

I have an application where each user has individually generated geotiff files. Since the users pay for the generated geotiff, I have to make sure that the users can only see their own geotiff and not the geotiff of any other user.

I'm using geoserver and PostgGIS and I plan to user WMS / WCS to deliver the data. The geotiff files are stored in the database, together with some additional data like an id.

How can I setup such an security? Is it really necessary to create an own layer and role for each user? Or is there any way to create a security based on the id of the files in the database?

best regards, DDD

ABX
  • 737
  • 12
  • 28
  • I am not sure if postgis/postgres is that security sophisticated. In oracle it is called fine grain security control. If each geotiff is in a seperate table then it should be fairly straight forward. However if they are all in the same table someone else may be able to help. – Brad Nesom Jun 25 '12 at 21:42

1 Answers1

0

Giving web users roles in your database is a bad idea. I think this should be handled in the application not the database. Each geotiff row would indentify the customer. Your app would be responsible for only serving them their associated rows.

Sean
  • 4,187
  • 19
  • 24
  • OK, handling in the application is an option, but I thought of some kind of 'WCS authorization proxy' that can be configured. – ABX Jun 27 '12 at 19:19
  • I think GeoServer only does layer or service level security. See this question http://gis.stackexchange.com/questions/12969 – Sean Jul 02 '12 at 21:35