问题
I am developing a website and using leafLet for visualization. Data are coming from a database and everything works fine.
I developed something like this: https://maps.gcc.tas.gov.au/dogexerciseareas.html
As you can see, if you do a right-click on the page and select ViewSource, you can see the servername, port, and database (typeName : 'GCC_cc:DogExerciseAreas',). To me, this is not very secure especially if we host everything (IIS, DB, GeoServer,..), So, Is there any way to hide these details at the client side and make this more secure.
回答1:
Well, I had a chance to work on this for a long time and I came up with this approach"
First: Put Geoserver in one VPC zone and only allows access to it from specific IP and port (i.e. Isolate from the world expect specific IP and port)
Second: As @IvanSanchez has suggested.use proxy and urlredirect to interact with Geoserver via web server (not client)
With the above, everything goes through web-server, then passed to Geoserver.
来源:https://stackoverflow.com/questions/44640905/how-make-geoserver-and-leaflet-secure-in-a-web-applciation