Comments on: Securing RESTful Services with GeoServer 2.0.1 http://blog.geoserver.org/2010/01/26/securing-restful-services-with-geoserver-2-0-1/ Everything GeoServer, and a little more Sat, 24 Dec 2011 16:57:18 +0000 hourly 1 http://wordpress.org/?v=3.1.2 By: Bruce http://blog.geoserver.org/2010/01/26/securing-restful-services-with-geoserver-2-0-1/comment-page-1/#comment-73411 Bruce Wed, 19 May 2010 17:12:51 +0000 http://blog.geoserver.org/?p=438#comment-73411 Ah, sorry. I did a tiny bit of digging and I see now that the "restconfig" extension is a separate download and does not appear to be bundled by default. Not as scary as I thought then. Ah, sorry. I did a tiny bit of digging and I see now that the “restconfig” extension is a separate download and does not appear to be bundled by default. Not as scary as I thought then.

]]> By: Amos http://blog.geoserver.org/2010/01/26/securing-restful-services-with-geoserver-2-0-1/comment-page-1/#comment-66798 Amos Wed, 27 Jan 2010 03:48:42 +0000 http://blog.geoserver.org/?p=438#comment-66798 Ah, sorry. I did a tiny bit of digging and I see now that the "restconfig" extension is a separate download and does not appear to be bundled by default. Not as scary as I thought then. Ah, sorry. I did a tiny bit of digging and I see now that the “restconfig” extension is a separate download and does not appear to be bundled by default. Not as scary as I thought then.

]]> By: Amos http://blog.geoserver.org/2010/01/26/securing-restful-services-with-geoserver-2-0-1/comment-page-1/#comment-66797 Amos Wed, 27 Jan 2010 03:44:29 +0000 http://blog.geoserver.org/?p=438#comment-66797 Thanks Justin. I should have also asked: Are the installations vulnerable out of the box or was there something I would have had to turn on? Thanks Justin. I should have also asked: Are the installations vulnerable out of the box or was there something I would have had to turn on?

]]> By: Justin Deoliveira http://blog.geoserver.org/2010/01/26/securing-restful-services-with-geoserver-2-0-1/comment-page-1/#comment-66779 Justin Deoliveira Tue, 26 Jan 2010 22:02:51 +0000 http://blog.geoserver.org/?p=438#comment-66779 @Amos: At the moment 1.7.x installations are vulnerable yes. At this point a patch has not been back ported. As for putting a notice on the homepage this blog probably reaches a wider audience than those who visit our homepage daily. And this blog entry should show up in the news feed that is front and center on the home page. Although it has not at this moment. Will have to look into that. @Amos:

At the moment 1.7.x installations are vulnerable yes. At this point a patch has not been back ported.

As for putting a notice on the homepage this blog probably reaches a wider audience than those who visit our homepage daily. And this blog entry should show up in the news feed that is front and center on the home page. Although it has not at this moment. Will have to look into that.

]]> By: Amos http://blog.geoserver.org/2010/01/26/securing-restful-services-with-geoserver-2-0-1/comment-page-1/#comment-66775 Amos Tue, 26 Jan 2010 21:54:47 +0000 http://blog.geoserver.org/?p=438#comment-66775 Which versions of GeoServer are vulnerable to RESTful GET requests? Are 1.7.x installations vulnerable? Shouldn't this warrant a big security notice on the home page? Which versions of GeoServer are vulnerable to RESTful GET requests? Are 1.7.x installations vulnerable? Shouldn’t this warrant a big security notice on the home page?

]]>