Logo of 52°North
Home Communities Security User Guide... 2. Protecting Services

Chapter 2: Protecting Services

1. Protecting a Service with Enforcement Points

Remember that a single WSS installation is capable of protecting an arbitrary number of services. For each service you want to protect you have to create a so called "Enforcement Point" receiving all service requests for a protected service and authorizing access to it. To create, edit, and delete an Enforcement Point, you should use the WSS Management Application that is available through http://localhost:8080/wss (may differ depending on your actual server setup).

Click on Manage WSS to start the application. You have to log in with a tomcat user, that has the role "manager" (defined in <TOMCAT_INSTALL>\conf\tomcat-users.xml).

After you have successfully logged in, you get a list of all Enforcement Points of that WSS instance.

Add new Enforcement Point

  • Click Create to start adding a new Enforcement Point.
  • Enter the ID of the Enforcement Point (this will be part of the EP's URL, eg. mywms
  • Enter the Protected Service URL of the protected service, eg. http://localhost/geoserver/wms
  • Select the Type of the protected service, i.e. WMS, SOS, WPS, or WFS for example.
  • Select one or more Authentication Schemes a client can use to authenticate at the service, eg. HTTP Basic.
  • Click Create to save the new Enforcement Point