European Commission logo
INSPIRE Community Forum

Stored Queries: ways of protecting from being dropped?

Sorin RUSU
By Sorin RUSU

Hello everyone,

I have stumbled uppon a difficult subject regarding Stored Queries. The TG requirements, as well as common sense, dictate that Stored Queries should be created for WFS-served geospatial data. These queries can be similar to the ones that I created for the Romanian PS WFS:

http://inspire.biodiversity.ro/geoserver/ows?service=wfs&version=2.0.0&request=liststoredqueries

Stored queries help users get just the types of data they need, either through predefined filters, or through parametrised filters.

My problem is that a WFS service allows non-authenticated users the freedom to Create, Describe as well as Drop stored queries from a GIS Server. Does anybody know of a way to protect/lock specific stored queries to prevent their malitious or unintentional deletion from the server?

Also, is there a way to prevent unauthorised users from submiting create stored query requests (I am imagining a scenario where malitious users might just flood the GIS server with create stored query requests, creating thousands or tens of thousands of stored queries through a distributed 'attack').

 

Biodiversity & Area Management

Biodiversity & Area Management

If themes like Protected Sites, Area Management/Restriction/Regulation Zones and Reporting Units, Habitats and Biotopes, Species Distribution, Bio-geographical Regions matters to you, join these groups!