How to Restrict Access to Metadata

How to Restrict Access to Metadata

Publishers can designate what kinds of users see which records, according to the access policy configured by the Geoportal's host organization. Access is controlled at the record level through the Administration user interface.



IMPORTANT: Restricting user access to metadata records only restricts who can see the metadata. It does not determine user access to the actual data/web service resource itself.

• Unrestricted
  
  If the Geoportal Metadata Access Policy Configuration is set to "Unrestricted", then all approved records in the Geoportal are searchable for all users. In the Administration tab, there is no column for "Access" in the table of metadata records.
• Public-Protected
  
  If the Geoportal Metadata Access Policy Configuration is set to "Public-Protected", then 'Public' documents are searchable to all users, and only members of one specific group (defined in the Geoportal configuration file) can search among the 'Protected' documents. In the Administration tab, there is a column for 'Access'. A record's Access Level can be set by checking the checkbox next to the record and selecting "Set Access Level" from the dropdown list above the table. Two radio buttons appear, and the publisher can determine if the record should be Unrestricted (all users can see the record) or Restricted (only the group of users identified for accessing the record in the gpt.xml configuration file can access it).
• Restricted
  
  If the Geoportal Metadata Access Policy Configuration is set to "Restricted", then restricted records are accessible only to groups that have been granted access to that restricted document. For example, Document A can be restricted for access by Group 1 and Group 2, while Document B can be restricted for access only by Group 3. In the Administration tab, access is set by checking the checkbox next to the record and selecting "Set Access Level" from the dropdown list above the table. A list of all the groups defined in the LDAP structure appears. The publisher checks the boxes next to the groups that should have access to this metadata record. The record will not appear in search results if a user doing the search does not belong to that LDAP group.