GeoServer 2.22.6 Release

Mar 17, 2025 • Jody Garnett

GeoServer 2.22.6 release is now available with downloads (bin, war, windows), along with docs and extensions.

This series has previously reached end-of-life, with this release issued to address a security vulnerability. Please apply this update as a mitigation measure only, and plan to upgrade to a stable or maintenance release of GeoServer. GeoServer 2.22.6 is made in conjunction with GeoTools 28.6.

Thanks to Jody Garnett for making this release.

Security Considerations

This release addresses security vulnerabilities for those operating in a Java 8 environment:

CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions (Critical)

For more information see the following statement.

See project security policy for more information on how security vulnerabilities are managed.

Java 8 End-of-life

This GeoServer 2.22.6 is archived and has reached end-of-life. This release uses recent GeoTools 28.6 Java 8 artifacts addressing CVE-2024-36404.

All future releases will require a minimum of Java 11.

Release notes

Improvement:

GEOS-11102 Allow configuration of the CSV date format
GEOS-11116 GetMap/GetFeatureInfo with groups and view params can with mismatched layers/params
GEOS-11155 Add the X-Content-Type-Options header
GEOS-11246 Schemaless plugin performance for WFS

Bug:

GEOS-11138 Jetty unable to start cvc-elt.1.a / org.xml.sax.SAXParseException

Task:

GEOS-11318 Upgrade postgresql from 42.6.0 to 42.7.2

For the complete list see 2.22.6 release notes.

Community Updates

Community module development:

GEOS-11412 Remove reference to JDOM from JMS Cluster (as JDOM is no longer in use)

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.22 Series

Additional information on GeoServer 2.22 series:

GeoServer 2.22 User Manual
Update Instructions
Metadata extension
CSW ISO Metadata extension
State of GeoServer (FOSS4G Presentation)
GeoServer Beginner Workshop (FOSS4G Workshop)
Welcome page (User Guide)

Release notes: ( 2.22.6 | 2.22.5 | 2.22.4 | 2.22.3 | 2.22.2 | 2.22.1 | 2.22.0 | 2.22-RC | 2.22-M0 )

GeoServer 2.25.6 Release

Feb 17, 2025 • Peter Smythe

GeoServer 2.25.6 release is now available with downloads (bin, war, windows), along with docs and extensions.

This series has now reached end-of-life, and it is recommended to plan an upgrade to 2.26.x or the upcoming 2.27.0 soon.
GeoServer 2.25.6 is made in conjunction with GeoTools 31.6, and GeoWebCache 1.25.4.

Thanks to Peter Smythe (AfriGIS) for making this release.

Release notes

Improvement:

GEOS-11651 Support env parametrization on OIDC filter
GEOS-11652 Externalize printing configuration folder
GEOS-11677 Hide version info on GWC home page

Bug:

GEOS-10844 Exclude xml-apis from build
GEOS-11649 welcome page per-layer is not respecting global service enablement
GEOS-11664 Update REST security paths
GEOS-11672 GWC virtual services available with empty contents
GEOS-11690 Bug in Externalize printing configuration folder
GEOS-11694 OpenID connect: allow caching authentication when an expiration is declared in the access token
GEOS-11696 AdminRequestCallback not loaded due to spring bean name conflict
GEOS-11700 GeoFence fails in recognizing some caller IP address
GEOS-11707 Ogr2OgrWfsTest test failures with GDAL 3.10.1
GEOS-11711 Clickhouse DGGS stores fails to aggregate on dates
GEOS-11713 Concurrent LDAP builds fail on Jenkins
GEOS-11715 STAC sortby won’t work with “properties.” prefixed names
GEOS-11716 WFS POST requests fail if a layer is misconfigured

Task:

GEOS-11650 Update dependencies for monitoring-kafka module
GEOS-11659 Apply Palantir Java format on GeoServer
GEOS-11671 Upgrade H3 dependency to 3.7.3
GEOS-11682 Add tests for WMS SLD XML request reader
GEOS-11685 Bump jetty.version from 9.4.56.v20240826 to 9.4.57.v20241219
GEOS-11701 Update JAI-Ext to 1.1.28

For the complete list see 2.25.6 release notes.

Community Updates

Community module development:

GEOS-11686 Clickhouse DGGS stores cannot properly read dates
GEOS-11687 OGC API packages contain gs-web-core

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.25 Series

Additional information on GeoServer 2.25 series:

Release notes: ( 2.25.6 | 2.25.5 | 2.25.4 | 2.25.3 | 2.25.2 | 2.25.1 | 2.25.0 | 2.25-RC )

Powerful SLD Styles & Filters in GeoServer

Feb 10, 2025 • Nima Ghasemloo

GeoSpatial Techno is a startup focused on geospatial information that is providing e-learning courses to enhance the knowledge of geospatial information users, students, and other startups. The main approach of this startup is providing quality, valid specialized training in the field of geospatial information.

( YouTube | LinkedIn | Facebook | X )

Powerful SLD Styles and Filters in GeoServer

In this session, we’ll explore GeoServer SLD styles and filters and highlight their practical and versatile uses. If you want to access the complete tutorial, click on the link.

Introduction

Filters in GeoServer are essential for controlling map data display, allowing users to set conditions for data inclusion. By integrating these filters into a Styled Layer Descriptor (SLD), users can customize maps based on specific attribute values or spatial areas. This customization enables the creation of visually informative and meaningful maps that effectively showcase data.

Several types of filters can be used in GeoServer styling, such as Comparison operators , Spatial operators , Logical operators and Arithmetic operators.

Note. This video was recorded on GeoServer 2.22.4, which is not the most up-to-date version. Currently, versions 2.25.x and 2.26.x are supported. To ensure you have the latest release, please visit this link and avoid using older versions of GeoServer.

Note. In all examples in this blog post, we utilize the topp:states layer.

Comparison Operators

These operators allow users to filter data by focusing on non-spatial attributes of a feature, selecting specific values within a field, or defining a range of values. This functionality helps refine search results within a dataset for more precise data analysis.

The Comparison operators include: Binary comparison operators and Value comparison operators.

The binary comparison operators are: PropertyIsEqualTo , PropertyIsNotEqualTo , PropertyIsLessThan , PropertyIsLessThanOrEqualTo , PropertyIsGreaterThan and PropertyIsGreaterThanOrEqualTo.

To learn how to use various filters for creating a custom SLD style in GeoServer, follow these steps:

Navigate to the Styles page from the Data section, then click on Add a new style link.
In the Name field, type your desired name, such as Comparison_lessThan.
Select Polygon from the list of default styles, then click the Generate link.

Type the new title on line 13, and press the ‘Enter’ key at the end of the line. Then, add the following block codes to the new line:

  <ogc:Filter>
    <ogc:PropertyIsLessThan>
      <ogc:PropertyName>PERSONS</ogc:PropertyName>
      <ogc:Literal>1000000</ogc:Literal>
    </ogc:PropertyIsLessThan>
  </ogc:Filter>

Press the Validate button to check if you have misspelled anything. If there are no errors, press the Apply button.
Switch to the Layer Preview tab and click the layer name above the preview box and select topp:states layer.

Comparison_lessThan In this example, we have created a style for states with a population of less than one million.

Press the Save button.

Other available comparison operators, known as the value comparison operators include: PropertyIsLike , PropertyIsNull, and PropertyIsBetween.

To use the PropertyIsLike operator in a new style, follow these steps:

Click on Add a new style link, then enter Comparison_like in the Name field.
Select Comparison_lessThan from the existing styles, then click the Copy link.

To filter the states that include new in their name, modify the existing codes using the following codes:

  <ogc:Filter>
    <ogc:PropertyIsLike  wildCard="%" singleChar="_" escape="!">
      <ogc:PropertyName>STATE_NAME</ogc:PropertyName>
      <ogc:Literal>%new%</ogc:Literal>
    </ogc:PropertyIsLike>
  </ogc:Filter>

Additionally, insert the following block of code on line 30 to display the names of the states as well.

  <TextSymbolizer>
    <Label>
      <ogc:PropertyName>STATE_NAME</ogc:PropertyName>
    </Label>
    <VendorOption name="maxDisplacement">50</VendorOption>
  </TextSymbolizer>

Press the Validate button to check if you have misspelled anything. If there are no errors, press the Apply button.
Switch to the Layer Preview tab and click the layer name above the preview box and select topp:states layer.

Comparison_like

In this example, we filtered the states that have the word new in their name, such as: New York , New Jersey , New Hampshire and New Mexico.

Press the Save button.

Spatial Operators

These operators allow users to filter data based on its spatial location. This can include filtering data based on its proximity to a specific point, within a specific area or boundary, or in relation to other spatial features.

Some common spatial operators include: Within , Contains , Intersects , BBOX , etc. For a comprehensive list of all the spatial operators, please visit this link

Follow these steps to use the Intersects filter in a new style:

Click on Add a new style link, then enter spatial_intersects in the Name field.
Select comparison_like from the existing styles, then click the Copy link.

Edit the codes using the following codes:

  <ogc:Filter xmlns:gml="http://www.opengis.net/gml">
    <ogc:Intersects>
      <ogc:PropertyName>the_geom</ogc:PropertyName>
      <gml:LineString>
        <gml:coordinates>-112.5,34.7 -106.8,36.7 -100.5,36.8 -97.4,42.4</gml:coordinates>
      </gml:LineString>
    </ogc:Intersects>
  </ogc:Filter>

Press the Validate button to check if you have misspelled anything. If there are no errors, press the Apply button.
Switch to the Layer Preview tab and select topp:states layer.

Spatial_intersects

The states that intersect with a LineString, determined by the specified coordinates, include Arizona, New Mexico, Oklahoma, Kansas and Nebraska.

Press the Save button.

Logical Operators

Logical operators are used to set conditions for applying specific style rules to features. They allow users to create complex rules based on various attributes and conditions. In GeoServer, the key logical operators are AND, OR, and NOT.

AND: Both specified conditions must be true for the style rule to be applied.
OR: At least one of the specified conditions must be true for the style rule to be applied.
NOT: The style rule will not apply to features that do not meet the specified condition.

Here’s an example of how to use the AND operator to filter a SLD based on two conditions.

Click on Add a new style link, then enter logical_and in the Name field.
Select spatial_intersects from the existing styles, then click the Copy link.

Edit the codes using the block codes below:

  <ogc:Filter xmlns:gml="http://www.opengis.net/gml">            
    <ogc:And>
      <ogc:BBOX>
        <ogc:PropertyName>the_geom</ogc:PropertyName>
        <gml:Box>
          <gml:coord>
            <gml:X>-105</gml:X> <gml:Y>35</gml:Y>
          </gml:coord>
          <gml:coord>
            <gml:X>-90</gml:X> <gml:Y>45</gml:Y>
          </gml:coord>
        </gml:Box>
      </ogc:BBOX>
      <ogc:PropertyIsBetween>
        <ogc:PropertyName>PERSONS</ogc:PropertyName>
        <ogc:LowerBoundary>
          <ogc:Literal>3000000</ogc:Literal>
        </ogc:LowerBoundary>
        <ogc:UpperBoundary>
          <ogc:Literal>5000000</ogc:Literal>
        </ogc:UpperBoundary>
      </ogc:PropertyIsBetween>
    </ogc:And>
  </ogc:Filter>

Press the Validate button to check if you have misspelled anything. If there are no errors, press the Apply button.
Switch to the Layer Preview tab and select topp:states layer.

Logical_and

In this example, the states that intersect a certain bounding box and have a population between 3 million and 5 million have been filtered. The states that meet these criteria are Colorado, Oklahoma, Tennessee, Minnesota and Wisconsin.

Press the Save button.

Arithmetic operators

Arithmetic operators enable users to create custom visualizations through mathematical equations and expressions, allowing them to effectively convey their data visually on maps.

The available arithmetic operators include: Add , Sub , Mul and Div.

For example, you can use arithmetic operators to create a proportional symbol map, where the size of point symbols is based on a numeric attribute value. By dividing the attribute value by a constant factor, you can control the size of the symbols accordingly.

Here’s an example of how to use this operator in GeoServer:

Click on Add a new style link, then enter arithmetic_div in the Name field.
Select Polygon from the list of default styles, then click the Generate link.

Enter the following code snippet on line 26:

  <Rule>
    <Name/>
    <Title>PERSONS Symbol</Title>
    <PointSymbolizer>
      <Geometry>
        <ogc:Function name="centroid">
          <ogc:PropertyName>the_geom</ogc:PropertyName>
        </ogc:Function>
      </Geometry> 
      <Graphic>
        <Mark>
          <WellKnownName>circle</WellKnownName>
          <Fill>
            <CssParameter name="fill">#FF0000</CssParameter>
          </Fill>
          <Stroke>
            <CssParameter name="stroke">#000000</CssParameter>
            <CssParameter name="stroke-width">1</CssParameter>
          </Stroke>
        </Mark>
        <Size>
          <ogc:Div>
            <ogc:PropertyName>PERSONS</ogc:PropertyName>
            <ogc:Literal>1000000</ogc:Literal>
          </ogc:Div>
        </Size>
      </Graphic>
    </PointSymbolizer>          
  </Rule>

In this example, we have defined two rules. The first rule is to display the simple polygons representing the states, while the second rule is to create circular symbols based on the population of each state.

We used the Centroid function to assign a symbol to each state, and place it exactly in the center of each polygon. In addition, we divided the Persons attribute by one million to ensure a proportional representation of the symbol size to the polygons.

Press the Validate button to check if you have misspelled anything. If there are no errors, press the Apply button.
Switch to the Layer Preview tab and select topp:states layer.

Arithmetic_div

As you can see, we have scaled the point size based on the PERSONS attribute. This makes the symbol larger for larger population values like California, New York and Texas and the symbol smaller for smaller population values like Wyoming.

Press the Save button.

In this session, we took a brief journey to explore SLD styles and various filters in GeoServer. If you want to access the complete tutorial, click on the link.

GeoServer 2.26.2 Release

Jan 27, 2025 • Jody Garnett

GeoServer 2.26.2 release is now available with downloads (bin, war, windows), along with docs and extensions.

This is a stable release of GeoServer recommended for production use. GeoServer 2.26.2 is made in conjunction with GeoTools 32.2, GeoWebCache 1.26.2, and ImageIO-Ext 1.4.14.

Thanks to Jody Garnett for making this release.

Security Considerations

This release addresses security vulnerabilities and is recommended.

CVE-2024-38524 Moderate

See project security policy for more information on how security vulnerabilities are managed.

File System Sandbox Isolation

A file system sandbox is used to limit access for GeoServer Administrators and Workspace Administrators to specified file folders.

A system sandbox is established using GEOSERVER_FILESYSTEM_SANDBOX application property, and applies to the entire application, limiting GeoServer administrators to the <sandbox> folder, and individual workspace administrators into isolated <sandbox>/<workspace> folders.
A regular sandbox can be configured from the Security > Data screen, and is used to limit individual workspace administrators into <sandbox>/<workspace> folders to avoid accessing each others files.

Thanks to Andrea (GeoSolutions) for this important improvement at the bequest of Munich RE.

GSIP 229 - File system access isolation
File system sandboxing (User Manual)

Developer Updates

Palantir formatter

A nice update for GeoServer developers is an updated formatter that is both wider at 120 columns, and plays well with the use of lamda expressions.

List<TemplateBuilder> filtered = children.stream()
        .filter(b -> b instanceof DynamicValueBuilder || b instanceof SourceBuilder)
        .collect(Collectors.toList());

Thanks to Andrea for this improvement, and coordinating the change across all active branches.

GSIP 228 - 120 columns format with Palantir formatter

Release notes

New Features:

GEOS-11616 GSIP 229 - File system access isolation
GEOS-11644 Introducing the rest/security/acl/catalog/reload rest endpoint

Improvement:

GEOS-11612 Add system property support for Proxy base URL -> use headers activation
GEOS-11615 Update to Imageio-EXT 1.4.14
GEOS-11683 MapML WMS Features Coordinate Precision Should be adjusted based on scale

Bug:

GEOS-11636 Store panels won’t always show feedback in target panels
GEOS-11494 WFS GetFeature request with a propertyname parameter fails when layer attributes are customized (removed or reordered)
GEOS-11606 geofence-server imports obsolete asm dep
GEOS-11611 When Extracting the WFS Service Name from the HTTP Request A Slash Before the Question Marks Causes Issues
GEOS-11630 REST API throws HTTP 500 When Security Metadata Has Null Attributes
GEOS-11643 WCS input read limits can be fooled by geotiff reader
GEOS-11647 Restore “quiet on not found” configuration for REST in global settings
GEOS-11649 welcome page per-layer is not respecting global service enablement
GEOS-11672 GWC virtual services available with empty contents
GEOS-11681 MapML raster GetFeatureInfo not working

Task:

GEOS-11608 Update Bouncy Castle Crypto package from bcprov-jdk15on:1.69 to bcprov-jdk18on:1.79
GEOS-11631 Update MySQL driver to 9.1.0
GEOS-11650 Update dependencies for monitoring-kafka module
GEOS-11659 Apply Palantir Java format on GeoServer
GEOS-11671 Upgrade H3 dependency to 3.7.3
GEOS-11685 Bump jetty.version from 9.4.56.v20240826 to 9.4.57.v20241219

For the complete list see 2.26.2 release notes.

Community Updates

Community module development:

GEOS-11635 Add support for opaque auth tokens in OpenID connect
GEOS-11637 DGGS min/max resolution settings stop working after restart
GEOS-11680 Azure COG assembly lacks mandatory libraries, won’t work
GEOS-11686 Clickhouse DGGS stores cannot properly read dates
GEOS-11687 OGC API packages contain gs-web-core
GEOS-11691 Smart data loader accepts bigint and bigserial but not int8 postgresql type alias

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.26 Series

Additional information on GeoServer 2.26 series:

Release notes: ( 2.26.2 | 2.26.1 | 2.26.0 | 2.26-M0 )

GeoServer 3 Crowdfunding Campaign Reaches Major Step: 80% Funding Completion

Jan 21, 2025 • Jody Garnett

The GeoServer 3 crowdfunding campaign has made remarkable progress, reaching 80% of its financing goal. A significant boost came from a single €100,000 pledge, underscoring the value of this essential upgrade to the GeoServer platform. With just €112,000 left to raise, now is the time to join the movement and ensure the success of this critical project.

80% Funded GeoServer 3 Crowrdfunding Campaign

A Campaign with Global Outreach

This initiative, led by a consortium of 3 key companies Camptocamp, GeoCat, and GeoSolutions, has garnered backing from a wide range of contributors, including public institutions, large companies, SMEs and individuals from various countries. The campaign’s extensive outreach demonstrates GeoServer’s importance to a broad spectrum of users worldwide. GeoServer has become a cornerstone in geospatial applications across industries and borders, and this campaign reflects its far-reaching impact.

Why GeoServer 3 Matters

The necessity of implementing GeoServer 3 has never been greater. This major upgrade will deliver:

Future-proof performance to handle growing data and processing demands.
Enhanced image processing for better visualization and analysis.
Improved security to safeguard critical geospatial systems.
A modernized user experience for easier access and usability.

Without these enhancements, users and providers risk facing limitations in scalability, performance, functionality, and security. Achieving this upgrade will ensure GeoServer remains a leading tool in the geospatial industry, empowering your open-source Spatial Data Infrastructure (SDI) based on GeoServer to innovate continuously while providing secure, high-performance services. This will position your organization at the forefront of geospatial technology.

A Few More Months to Make a Difference

The campaign will continue until spring, providing a limited window for additional financial contributions. While the international team of core contributors is ready to start the migration, we are waiting for the complete budget allocation to begin, in line with the rules of this crowdfunding campaign. To accommodate many entities currently finalizing their budgets, we have planned to let the campaign run for a few more months. This is an excellent opportunity for your organization to support the future of GeoServer and demonstrate your commitment to open-source geospatial solutions.

Every Contribution Counts

With €112,000 still needed to meet the target, every pledge—big or small—matters. Whether you’re a public institution, a large company or an SME, your support can make a difference. Reaching this goal would be a remarkable achievement, building on the strong progress made so far and ensuring the future of GeoServer 3 becomes a reality.

For any questions or to discuss how you can contribute, please email us or fill out the form to pledge your support. Together, we can achieve this milestone and continue building a sustainable, innovative future for geospatial technology.

Thanks to all organizations and individuals that have mobilized themselves, contributed financially, or spread the word to make this campaign a success.

The following organisations have pledged their support: