In this chapter, we covered some of the key concepts behind enterprise security, the concepts of authentication (who) and authorization (what) in particular. Armed with these two distinctions and their relationships, we then explored how each is applied in the context of GeoServer's security subsystem. In particular, we looked at how data and services can be secured.

With Active Directory being the most prevalent enterprise system to manage users and user groups, it seemed like the logical next step to see how easy it is to configure GeoServer to connect to, and utilize, the information stored in the directory. With a connection to Active Directory configured, we have everything in place to integrate GeoServer into our enterprise. This ...