Developing based on GeoServer restful api

GeoServer provides a RESTful interface through which clients can retrieve information about an instance and make configuration changes. Using the REST interface’s simple HTTP calls, clients can configure GeoServer without needing to use the Web administration interface.

REST is an acronym for “REpresentational State Transfer”. REST adopts a fixed set of operations on named resources, where the representation of each resource is the same for retrieving and setting information. In other words, you can retrieve (read) data in an XML format and also send data back to the server in similar XML format in order to set (write) changes to the system.

Operations on resources are implemented with the standard primitives of HTTP: GET to read; and PUT, POST, and DELETE to write changes. Each resource is represented as a URL, such as http://GEOSERVER_HOME/rest/workspaces/topp.

Steps to configure authentication

We want to developing based on GeoServer restful api, the first thing would be configuring GeoServer to accept authentication information passed by HTTP header attribute(s).

Rest properties file

The REST process has its own security configuration that needs to be setup in addition to the web interface user. These are different configurations and are setup in different spots. The REST configuration does use that same users you have configured in the web interface it just doesn’t use the access rules that you would have set up.

To know about the permissions you need to view a file in the directory [Geoserver_data}/security called rest.properties.

Image for post
Image for post

Rest properties

From the properties file content, we can see all the rest api will need admin user authentication.

Users, groups and roles

From the GeoServer web ui, we can define users, groups and roles.

Image for post
Image for post

Rest test

If we try to test any GeoServer rest api without any configuration, we will meet a 401 error because of no authentication.

Image for post
Image for post

Authentication filters

Click the Authentication link located under the Security section of the navigation sidebar. Scroll down to the Authentication Filters panel and click the Add new link.

Image for post
Image for post

Add authentication filter

Click the HTTP Header link and set “Name” to anything you’d like, Set Request header attribute to to a random token other than “user” or “admin”. It’s a obscure header attribute name which is a shared secret between the proxy and GeoServer. Set Role source to “User group service” and name of the user group service to “default”.

Image for post
Image for post

Authentication filter chains

Go back to the Authentication link and scroll down to the Filter Chains panel. Notice the rest filter chain here and click into it.

Image for post
Image for post

Configure rest filter chain

Scroll down to the Chain filters panel. Drag the newly added authentication filter to the selected part and position it before all other filters.

Image for post
Image for post

Rest test successful

Try the rest api again with specified header which is the Request header attribute we just set and with the value of “admin”.

Image for post
Image for post

Restful APIs

The full restful api list can be found here

Image for post
Image for post
Image for post
Image for post

Written by

Researcher | Architect | Full-Stack | @hustakin

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store