Use Case: Geoserver Gatekeeper Handles a Request from a client


The steps required for the Gatekeeper to handle a request for data from the Geoserver that it protects.


  • user (whose Attribute Certificate is processed by the Gatekeeper in order to make an access decision).
  • Client to Gatekeeper (For Health Stream this is the Health Portal Web Server, for marine stream, the Health Portal Web Server or the SeaInfo client)
  • Geoserver Gatekeeper
  • Geoserver


  • Gatekeeper port is exposed outside host site firewall.
  • Geoserver port is protected within host site firewall.
  • Incoming SOAP messages from the client are secured with WS-Security digital signature.


A client makes a request to the Gatekeeper for data.


Client is granted access to secured Geoserver data.

Normal Course

  1. Gatekeeper verifies the signature of the incoming SOAP message from the client.
  2. Gatekeeper parses the Attribute Certificate contained in the SOAP message and verifies the signature and checks that the signer is the MetOffice Attribute Authority.
  3. Retrieve roles contained in the Attribute Certificate.
  4. Parse Geoserver request and call getCapabilities to get the role name for the resource associated with the request.
  5. Make access control decision matching the role of the Geoserver resource against the roles available in the Attribute Certificate. If a match is found, access is granted.
  6. Call the audit/logging web service for the Gatekeeper and record:
    • timestamp
    • user ID (contained in Attribute Certificate holder element)
    • organisation (Attribute Certificate issuer or issuerName element)
    • request
    • response size
    • response time.
  7. Forward the Geoserver request to Geoserver.
  8. Receive the response from Geoserver and put into a SOAP response.
  9. Sign SOAP repsonse before dispatch if required or is practicable.
  10. Dispatch SOAP response back to the client.