GeoServer 2.25.5 release is now available with downloads (bin, war, windows), along with docs and extensions.

This is a maintenance release of GeoServer providing existing installations with minor updates and bug fixes. GeoServer 2.25.5 is made in conjunction with GeoTools 31.5, and GeoWebCache 1.25.3. The final release of the 2.25 series is planned for February 2025, please start making plans for an upgrade to 2.26.x or newer.

Thanks to Andrea Aime (GeoSolutions) for making this release.

Release notes

Improvement:

• GEOS-11612 Add system property support for Proxy base URL -> use headers activation
• GEOS-11616 GSIP 229 - File system access isolation
• GEOS-11644 Introducing the rest/security/acl/catalog/reload rest endpoint

Bug:

• GEOS-11494 WFS GetFeature request with a propertyname parameter fails when layer attributes are customized (removed or reordered)
• GEOS-11606 geofence-server imports obsolete asm dep
• GEOS-11611 When Extracting the WFS Service Name from the HTTP Request A Slash Before the Question Marks Causes Issues
• GEOS-11643 WCS input read limits can be fooled by geotiff reader

Task:

• GEOS-11609 Bump XStream from 1.4.20 to 1.4.21
• GEOS-11610 Update Jetty from 9.4.55.v20240627 to 9.4.56.v20240826
• GEOS-11631 Update MySQL driver to 9.1.0

For the complete list see 2.25.5 release notes.

Community Updates

Community module development:

• GEOS-11635 Add support for opaque auth tokens in OpenID connect
• GEOS-11637 DGGS min/max resolution settings stop working after restart

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.25 Series

Additional information on GeoServer 2.25 series:

• GeoServer 2.25 User Manual
• GeoServer 2024 Roadmap Plannings
• Raster Attribute Table extension
• Individual contributor clarification

Release notes: ( 2.25.5 | 2.25.4 | 2.25.3 | 2.25.2 | 2.25.1 | 2.25.0 | 2.25-RC )

GeoServer 2.26.1 release is now available with downloads (bin, war, windows), along with docs and extensions.

This is a stable release of GeoServer recommended for production use. GeoServer 2.26.1 is made in conjunction with GeoTools 32.1, and GeoWebCache 1.26.1.

Thanks to Peter Smythe (AfriGIS) for making this release.

Security Considerations

This release addresses security vulnerabilities and is considered an important upgrade for production systems.

• GEOS-11557 CVE-2024-45748 High. The details will be released later.

See project security policy for more information on how security vulnerabilities are managed.

Release notes

Improvement:

• GEOS-11557 CVE-2024-45748 High
• GEOS-11561 Client-Delegating MapML Proxy
• GEOS-11588 GWC disk quota, check JDBC connection pool validation query

Bug:

• GEOS-11524 csw: default queryables mapping not generated
• GEOS-11543 Unable to use propertyName to filter properties in a GetFeature request when service is not set
• GEOS-11553 SLD Style: Empty SE Rotationelement throws RuntimeException (QGIS generated SLD)
• GEOS-11556 NullPointerException when GWC disk quota monitoring is disabled
• GEOS-11559 The customized attributes editor is prone to setting the wrong attribute source
• GEOS-11573 TileLayer preview doesn’t work anymore

Task:

• GEOS-11574 Bump org.eclipse.jetty:jetty-server from 9.4.52.v20230823 to 9.4.55.v20240627 in /src
• GEOS-11587 Update map fish-print-v2 2.3.2 - see new MAPFISH_PDF_FOLDER configuration option
• GEOS-11609 Bump XStream from 1.4.20 to 1.4.21
• GEOS-11610 Update Jetty from 9.4.55.v20240627 to 9.4.56.v20240826

For the complete list see 2.26.1 release notes.

Community Updates

Community module development:

• GEOS-11107 Open search for EO community module: packaging missing gt-cql-json-xx.x.jar
• GEOS-11517 Using various OGC APIs results in service enabled check related WARN logs
• GEOS-11560 OGC API modules lack cql2-json in assembly
• GEOS-11563 Allow configuring a DGGS resolution offset on a layer basis
• GEOS-11565 Allow configuring the minimum and maximum DGGS resolution for a layer
• GEOS-11579 DGGS modules prevent GeoServer startup if JEP is not installed

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to make contact and offer assistance, even if it is just to say that it works for you.

About GeoServer 2.26 Series

Additional information on GeoServer 2.26 series:

• GeoServer 2.26 User Manual
• GeoServer 2024 Q3 Developer Update
• Raster Attribute Table extension
• Community module graduation, amending generality rule
• Individual contributor clarification
• Migrate geoserver-users from SourceForge to discourse

Release notes: ( 2.26.1 | 2.26.0 | 2.26-M0 )

GeoSpatial Techno is a startup focused on geospatial information that is providing e-learning courses to enhance the knowledge of geospatial information users, students, and other startups. The main approach of this startup is providing quality, valid specialized training in the field of geospatial information.

( YouTube | LinkedIn | Facebook | X )

Exploring CQL and ECQL Filtering in GeoServer

In this session, we want to talk about the Using CQL/ECQL Filters in GeoServer in detail. If you want to access the complete tutorial, click on the link.

Introduction

Contextual Query Language (CQL) is a text-based query for search/retrieval adopted by the OGC for the Catalogue Web Services specification. Unlike the XML-based Filter Encoding language, CQL is more readable and easier for manual authoring. However, it has limitations, such as not being able to encode ID filters and requiring the attribute to be on the left side of comparison operators.

To overcome these limitations, GeoServer offers an extended version called ECQL, which closely resembles SQL and provides greater flexibility. ECQL allows users to define filters for querying data in GeoServer using attribute comparisons, logical operators, and spatial predicates. It is compatible with GeoServer’s REST API and can be used for WMS and WFS requests to retrieve filtered data.

Note. This video was recorded on GeoServer 2.22.4, which is not the most up-to-date version. Currently, versions 2.25.x and 2.26.x are supported. To ensure you have the latest release, please visit this link and avoid using older versions of GeoServer.

Note. Future version of GeoServer will include support for CQL2 which provides both a text and a JSON representation.

Comparison operators

To compare attribute values or other numeric and text values in your CQL / ECQL (Extended Common Query Language) expressions, you can utilize comparison operators.

In the Layer Preview section, first click on the OpenLayers option for the topp:states layer. Next, locate and click on the Toggle options toolbar in the top left corner to access the advanced options.

In the CQL filter box within this toolbar, enter the filter expression STATE_NAME = 'Texas', and then press the Apply button. This filter will retrieve and display the data for the state of Texas.

By reviewing the following examples using the Toggle options toolbar from the LayerPreview page, you will learn how to effectively understand and apply comparison operators using CQL/ECQL expressions:

• ‘PropertyIsGreaterThanOrEqualTo’ filter

This filter shows the states that have more than or equal to 5 million inhabitants.

PERSONS >= 5000000

• ‘PropertyIsLike’ filter

This filter shows the states whose names, contain the letters ‘ing’ like Washington and Wyoming.

STATE_NAME like '%ing%'

• ‘PropertyIsBetween’ filter

This filter shows the states with a population of 5 million to 10 million.

PERSONS between 5000000 and 10000000

Spatial operators

These operators enable you to perform spatial queries and filter data, based on various relationships between geometries. Here are the explanations for some commonly used spatial operators:

• ‘Intersect’ filter

This filter allows you to query spatial data in GeoServer based on geometric intersection relationships. This filter returns all features that have any spatial intersection or overlap.

The syntax for the Intersect filter in CQL is as follows:

Intersects(the_geom,Point(-90 40))

• ‘Within’ filter

The Within filter checks if a spatial object is completely within another spatial object. This filter retrieves all features that are located within the boundaries of a specified geometric shape, using spatial relationships.

Within(the_geom,Polygon((-100 30,-100 45,-80 45,-80 30,-100 30)))

• ‘Contains’ filter

This filter is the inverse of the “Within” filter. It checks if a spatial object completely contains another spatial object and helps you retrieve features that fully enclose the specified geometry.

CONTAINS(the_geom,LINESTRING(-73.9 43.5,-77.76 42.56))

Bounding Box operators

The Bounding Box operator is used to filter data based on a specified bounding box. The “bbox” filter in CQL allows you to query spatial data in GeoServer based on a bounding box or a rectangular area.

CQL filters can also be utilized with the GET method. To use the bbox filter using the GET method, enter the following code in the URL address bar of your browser:

http://localhost:8080/geoserver/topp/wms?service=WMS&version=1.1.0&request=GetMap&layers=topp:states&bbox=-124.73142200000001,24.955967,-66.969849,49.371735&width=768&height=330&srs=EPSG:4326&format=application/openlayers&CQL_FILTER=BBOX(the_geom,-110,41,-95,45)

This filter enables you to retrieve all features that intersect, or are contained within the specified bounding box.

In this session, we took a brief journey through the “CQL filtering in GeoServer”. If you want to access the complete tutorial, click on the link.

GeoServer 2.25.4 release is now available with downloads (bin, war, windows), along with docs and extensions.

This is a maintenance release of GeoServer providing existing installations with minor updates and bug fixes. GeoServer 2.25.4 is made in conjunction with GeoTools 31.4, and GeoWebCache 1.25.3.

Thanks to Jody Garnett for making this release.

Update 2024-11-08: Testing from Sören Kalesse noted the downloads included snapshot jars. The binaries have been updated with intended geotools and geowebcache jars.

Security Considerations

This release addresses security vulnerabilities and is considered an important upgrade for production systems.

• GEOS-11557 CVE-2024-45748 High

See project security policy for more information on how security vulnerabilities are managed.

Release notes

New Feature:

• GEOS-11352 REST service for URL checks

Improvement:

• GEOS-11399 Use Catalog streaming API in LayerGroupPage
• GEOS-11427 metadata: “fix all” to support changing config repeatable field
• GEOS-11463 WMS vector dimension validation should query only one feature and only for dimension attribute
• GEOS-11502 Permit resize on user/group/role palette textbox to allow for extra long role names
• GEOS-11503 Update mongo schemaless DWITHIN to support non-point geometry
• GEOS-11557 CVE-2024-45748 High
• GEOS-11588 GWC disk quota, check JDBC connection pool validation query

Bug:

• GEOS-10811 GeoServer 2.22.0 WPS error while clipping raster with GeoJSON input
• GEOS-11071 GeoJSON PPIO goes NPE while decoding a GeoJSON geometry
• GEOS-11107 Open search for EO community module: packaging missing gt-cql-json-xx.x.jar
• GEOS-11453 Failure to look-up default value of custom dimensions on vector layers
• GEOS-11484 DirectRasterRenderer is not respecting advancedProjectionHandling and continuosMapWrapping format_options
• GEOS-11493 Azure blob store may not get environment parameters from property file
• GEOS-11497 WPS execution fails with GeoJSON input
• GEOS-11504 ResourceAccessManagerWrapper misses some delegating methods
• GEOS-11505 OWS Monitor only handles WFS 1.0 requests
• GEOS-11513 WMTS/GetDomainValues - Returned values are not sorted
• GEOS-11514 Fix parsing WPS geometry geojson inputs
• GEOS-11524 csw: default queryables mapping not generated
• GEOS-11543 Unable to use propertyName to filter properties in a GetFeature request when service is not set
• GEOS-11553 SLD Style: Empty SE Rotationelement throws RuntimeException (QGIS generated SLD)
• GEOS-11556 NullPointerException when GWC disk quota monitoring is disabled
• GEOS-11559 The customized attributes editor is prone to setting the wrong attribute source

Task:

• GEOS-11470 Upgrade the version of Mongo driver for schemaless plugin from 4.0.6 to 4.11.2
• GEOS-11506 Upgrade Spring version from 5.3.37 to 5.3.39 and Spring security from 5.8.13 to 5.8.14
• GEOS-11508 Update OSHI from 6.4.10 to 6.6.3
• GEOS-11533 Update org.apache.commons.vfs2 to 2.9.0
• GEOS-11574 Bump org.eclipse.jetty:jetty-server from 9.4.52.v20230823 to 9.4.55.v20240627 in /src
• GEOS-11587 Update map fish-print-v2 2.3.2

For the complete list see 2.25.4 release notes.

Community Updates

Community module development:

• GEOS-11517 Using various OGC APIs results in service enabled check related WARN logs
• GEOS-11518 DGGS JDBC store SQL encoder should not force the timezone to CET
• GEOS-11519 Make DGGS rHealPix tests run again
• GEOS-11560 OGC API modules lack cql2-json in assembly
• GEOS-11563 Allow configuring a DGGS resolution offset on a layer basis
• GEOS-11565 Allow configuring the minimum and maximum DGGS resolution for a layer
• GEOS-11579 DGGS modules prevent GeoServer startup if JEP is not installed

Community modules are shared as source code to encourage collaboration. If a topic being explored is of interest to you, please contact the module developer to offer assistance.

About GeoServer 2.25 Series

Additional information on GeoServer 2.25 series:

• GeoServer 2.25 User Manual
• GeoServer 2024 Roadmap Plannings
• Raster Attribute Table extension
• Individual contributor clarification

Release notes: ( 2.25.4 | 2.25.3 | 2.25.2 | 2.25.1 | 2.25.0 | 2.25-RC )

The GeoServer team working on sharing our roadmap plans plans and providing greater transparency on our community participation and funding goals.

GeoServer Developer Forum

If you have sent email to geoserver-devel list this week you have been met with the following reply:

This list is now closed, join us on geoserver developer forum:
https://discourse.osgeo.org/invites/7DX66egwux

That is right, developer communication has moved to GeoServer Developer on discourse.

• To post join the geoserver-developer group.
• About the GeoServer Developer category has all the details (even email).
• There are improved instructions on how to sign up using github.

How to help:

• Accept the invite - it is quick and easy joining the group and navigate to the forum in one go.
• Update communication details for website and developer guide.

GeoServer 3 Crowdfunding

The consortium of Camptocamp, GeoSolutions and GeoCat have responded to our roadmap challenge with a bold GeoServer 3 Call for Crowdfunding established as a multi-party contract.

• The fundraising target has now been set, see updated post, and milestone deliverables established.
• GSIP-226 - GeoServer 3

How to help:

• Share the call for crowdfunding in your region.
• To express your interest or pledge support contact us directly at gs3-funding@googlegroups.com, or via online form.

Wicket 9 upgrade

GEOS-11275: Brad and David have made considerable progress on Wicket UI updates. After a year of effort the first results towards Wicket 10 are being merged onto the main branch.

Thanks to Brad for doing much of the difficult work starting this activity, and to David for working hard to stabilize this work for testing.

Peter and Jody started a wicket test plan and evaluated an initial 2.26-M0 milestone release.

How to help:

• Test a 2.27.x nightly build, clearly noting problems in the Wicket Test Plan.
• Urgent: Developer assistance is needed to restore JUnit tests for the Wicket modules. Many are failing just due to the contents of the page being slightly altered.
• Developer assistance is needed to resolve the content-security-policy warnings reported during testing.
• David has outlined what is needed for a new GSModalDialog to replace the functionality being removed in Wicket 10.

docker pull docker.osgeo.org/geoserver:2.27.x
docker run -it -p8081:8080 docker.osgeo.org/geoserver:2.27.x

Spring Security 5.8 update

GEOS-11271: Andreas Watermeyer (ITS Digital Solutions) has completed this activity ahead of the GeoServer 2.26.0 release.

How to help:

• The next step is going through the Preparing for 6.0 checklist

Spring Security OAuth2 replacement

GEOS-11272: Andreas Watermeyer (ITS Digital Solutions) set up new community modules to work on this activity. This is a new implementation as the spring security internals have changed, and the new spring api allows for a cleaner implementation.

How to help:

• This work will require extensive testing in different environments.
• Ideas on unit testing and increasing test coverage with test containers are very welcome.

Support and sponsorship

We would like to welcome a new project sponsor:

Route4Me - Simplify Last Mile Complexity: proven route planning and route optimization software.

The GeoServer project steering committee seeks sponsorship to fund maintenance activities, code sprints, and research and development that is beyond the reach of an individual contributor or organization.

• We have worked with OSGeo to provide sponsorship guidance for individual consultants, small organisation, companies and public institutions of different sizes.
• GeoServer has a new sponsorship page on our website collecting this information for our project.
• GeoServer now lists sponsors logos on our home page, alongside core contributors.

We would like to thank everyone who has responded thus far:

• Sponsors: How 2 Map, illustreets, and Route4Me.
• Individual Donations: Peter Rushforth, Marco Lucarelli, Gabriel Roldan, Jody Garnett, Manuel Timita, Andrea Aime