Users and Groups¶

The definition of a GeoServer user is similar to most security systems. Although the correct Java term is principal—a principal being a human being, computer, software system, and so on—the term user is adopted throughout the GeoServer documentation. For each user the following information is maintained:

• User name
• Password (optionally stored encrypted)
• A flag indicating if the user is enabled (this is the default). A disabled user is prevented from logging on. Existing user sessions are not affected.
• Set of key/value pairs

Key/value pairs are implementation-specific and may be configured by the user/group service the user or group belongs to. For example, a user/group service that maintains information about a user such as Name, Email address, and so on, may wish to associate those attributes with the user object.

A GeoServer group is simply a set of users. For each group the following information is maintained:

• Group name
• A flag indicating if the group is enabled (this is the default). A disabled group does not contribute to the role calculation for all users contained in this group.
• List of users who belong to the group