FOSS4G 2023

Ian Turton

Ian is a Lead GeoSpatial Specialist in the Custom Solutions team at Astun Technology. He is usually to be found working with the unglamorous back end systems that make the slippy web maps that the clients see actually work. In his spare time he writes code for GeoTools and GeoServer, helps people repair broken electrical items at Repair Cafes.


GeoServer Orientation and Demo
Ian Turton, Jody Garnett

Welcome to GeoServer, a popular web service for publishing your geospatial data using industry standards for vector, raster and mapping.

If the previous sentence made no sense to you, or if you are new to foss4g, or even just new to GeoServer, attend this talk to get pointed in the right direction!

This presentation provides a gentle introduction to FOSS4G and we will do our best to say the quiet part out loud:

  • Demo: We have learned from experience, and will introduce GeoServer using a demo.
  • Usage: Concepts using both a demo, and diagrams to connect to your data and publish as a spatial service.
  • Checklist: Preflight check-lists capturing common oversights when deploying GeoServer for the first time.
  • Value: What role GeoServer plays in your organization and what value the application provides.
  • Community: How the project is managed, and a discussion of the upcoming activities.
    Attend this presentation to get a running start on using GeoServer in your organization!

Attend this presentation to get a running start on using GeoServer in your organization!

Transition to FOSS4G
UBT F / N212 - Floor 3
Securing Your Open Source Geospatial Stack with Single Sign On
Ian Turton

(or what happens when GeoServer and PostGIS meet Active Directory)

This talk will present a case study of how Astun implemented a single sign on (SSO) system for a large
commercial client. The client stored their spatial data in a PostGIS database and provided both direct access
to the database via QGis and from QGis via WMS using GeoServer to carry out the styling and rendering of the
data. Staff are divided into 4 teams and then are subdivided by end client in to small groups. Some of the
data in the system is restricted to just the group working on a specific problem for a specific client, other
data is shared with the whole team, and some is available to the whole company.

The client brief was to move their on site system to "the cloud", and to allow staff to connect to the data
from anywhere in the world with only one user account and password for access to PostGIS and GeoServer data.
Initially, the project planned to leverage the existing corporate Azure Active Directory system to provide the
necessary authentication and authorizations. However, early experiments showed that the time between
requesting a new group and it appearing on the server was (sometimes) longer than the lifetime of the new

Astun provided an open source solution, using Keycloak to handle the user and administrator facing frontends,
with user data being stored in an OpenLDAP server. It was then possible to make use of the LDAP service to
perform authentication and authorization of users to both PostGIS and GeoServer, making sure that data
restrictions applying in one were duplicated in the other.

The talk will cover details of the process and look at some of the issues that were encountered during the

Use cases & applications