Security¶
GeoWebCache requires authentication to perform certain operations, such as reconfiguration or seeding. By default WEB-INF\users.properties
looks like this:
geowebcache=secured,ROLE_ADMINISTRATOR
Change geowebcache
to your desired username and secured
to your password of choice. It is recommended that you use only ASCII characters.
Fine-grained control can be implemented using an external proxy or servlet filter, or within GeoWebCache by using a request filter. Advanced users who understand ACEGI may want to edit acegi-config.xml
as well.
Proxy Requests¶
The WMS Service can proxy requests it does not understand to a WMS back end. By specifying GEOWEBCACHE_WMS_PROXY_REQUEST_WHITELIST
. It should be set to a semicolon separated list of request types. *
will allow all requests.
By default, it is set to *
unless there are SecurityFilter
extensions installed in which case it defaults to GetLegendGraphic
. GetMap
, GetCapabillities
, and GetFeatureInfo
are all interpreted by GWC rather than proxied and so are not affected by the whitelist.