The GeoServer team is happy to announce the release of GeoServer 2.10.0. Downloads are available (zip, war, dmg and exe) along with docs and extensions.

This is the latest stable release of GeoServer intended for production systems. Please note that GeoServer 2.10.0 and GeoServer 2.9.2 include important security updates and we advise all users of GeoServer to upgrade at this time.

This release is made by Ian Turton with the help of the entire GeoServer team. It is built in collaboration with GeoTools 16.0 and GeoWebCache 1.10.0. We would like to thank everyone who provided feedback on the release candidate, ideally we would like more participation.

Packaging and Installation

• The macOS DMG is now signed by the Open Source Geospatial Foundation which is required for the latest macOS. If you are having trouble please check System Preferences Security & Privacy and ensure that apps are allowed from “App Store and identified developers”.

macOS 10.12 System Preferences for Security and Privacy

• The windows installer is now signed by the Open Source Geospatial Foundation. Unfortunately it takes a few days for “Windows SmartScreen” to trust that the application is okay (it is marked as “not commonly downloaded” since we just created it). You will need to click “More Options” to see the option to run the application.

SmartScreen warning on Windows 7

• For those just starting out the default data directory now includes security restrictions on WFS-T functionality (restricting editing of data to the administrator account by default, it’s up to the administrator to change that if they wish).

Thanks to Michael Smith and the OSGeo for purchasing a digital certificate - this helps our open source software reach a wider audience. We would also like to extend our thanks to Larry Shaffer for digging in on the macOS and Windows requirements. The signed windows installer has been “built by hand” and we ask for your feedback so Larry can put together an automated system.

Security Considerations

Aaron Waddell reported an XXE vulnerability in the GeoTools library which has now been fixed.

We ask all our users to treat security vulnerabilities with respect and make plans to upgrade to GeoServer 2.10.0 or GeoServer 2.9.2 at this time.

New Style Editor

This release includes the new Styled Editor featured at the FOSS4G 2016 workshop. The editor mixes in the CSS editor preview and layer association abilities for more productive style development (if you are a CSS user you can go straight to the standard CSS editor now, the specific one got retired).

Here are a few screenshots. The main tab is reminiscent of the existing style editor page:

The publishing tab allows to link the style to layers as primary, or as associated/secondary style:

The preview tab is where we expect most of the work to be done, editing the style, and clicking on “Apply” to view how the changes affect the map:

Finally, the layer attributes tab shows the available attributes, their type, a sample value and allows to compute statistics on them:

We would like to thank those who attended the FOSS4G 2016 styling workshop for trying out an early milestone release. Special thanks to Andrea for extensive testing/feedback and to Torben for all the hard work during the release candidate.

Improved QGIS style compatibility

At the FOSS4G 2016 code sprint some work was done to increase the compatibility between QGIS and GeoServer styling. While most of the work was performed on the QGIS SLD export correctness, some work was also done on the GeoTools/GeoServer side.

First, we taught GeoServer how to handle SE/SLD 1.1 external marks, and implemented support for TTF symbols as external marks (this is how QGIS exports TTF based symbols). Here is an example of the syntax (remember, this is SE, symbology encoding, not SLD 1.0):

 <se:Mark>
   <se:OnlineResource xlink:type="simple" xlink:href="ttf://DNR%20Recreation%20Symbols"/>
   <se:Format>ttf</se:Format>
   <se:MarkIndex>64</se:MarkIndex>
   <se:Fill>
     <se:SvgParameter name="fill">#000000</se:SvgParameter>
   </se:Fill>
 </se:Mark>

The result is the extraction of the symbol from the true type font, and its usage in the map as a scalable vector symbol.  Here is a sample from our test suite, with lines overlaying the symbols to easily identify the point locations:

QGIS ships with a set of SVG symbols which are “interesting”, in that they do not contain a fixed fill or stroke color, but parameters that need to be filled by the caller. QGIS then allows the user to specify such values, and fills them in before rendering, thus allowing to treat a SVG in a similar way to a built-in mark (with just a bit less control over the output compared to a mark). Looking at a SVG source we see:

<polygon fill="param(fill)" fill-opacity="param(fill-opacity)"
  stroke="param(outline)" stroke-opacity="param(outline-opacity)"
  stroke-width="param(outline-width)"
  points="290.565,67.281 35.067,509.815 33.98,511.7 545.209,512.093 547.389,512.095 "/>

GeoServer just learned to support these parameters, which are supposed to be added in the SVG URL reference, accoding to the SVG Parameters 1.0 spec “URL parameters” approach:

 <PointSymbolizer>
   <Graphic>
     <ExternalGraphic>
       <OnlineResource xlink:type="simple" xlink:href="firestation.svg?fill=#FF0000" />
      <Format>image/svg</Format>
     </ExternalGraphic>
     <size>128</size>
   </Graphic>
 </PointSymbolizer>

Which will result in something like:

There is more work to be done - the team looked at including some of the custom QGIS “well-known” marks in GeoServer, but this work was not completed for the 2.10.0 release. If you are interested in helping out on this or other activities please contact us as a volunteer or professionally.

We would like to thank Andrea for his cross project leadership on this issue, and to the participants of the FOSS4G code sprint for helping out.

CSS Styling Improvements

The CSS Extension now sports nested rules, allowing for even more compact styles, for example:

[@scale < 3000] {
   mark: symbol(circle);
   :mark {
      fill: gray;
      size: 5
   };
   [type = 'important'] {
      mark: symbol(triangle);
      :mark {
        fill: red;
        stroke: yellow
      }
   }
}

Rendering transformation support has also been added, for example, it’s possible to extract contour lines from a raster using the following style:

<span class="c">/* @title Levels */</span>
<span class="o">*</span> <span class="p">{</span>
  <span class="n">transform</span><span class="o">:</span> <span class="n">ras</span><span class="o">:</span><span class="n">Contour</span><span class="p">(</span><span class="n">levels</span><span class="o">:</span> <span class="m">1100</span> <span class="m">1200</span> <span class="m">1300</span> <span class="m">1400</span> <span class="m">1500</span> <span class="m">1600</span> <span class="m">1700</span><span class="p">);</span>
  <span class="k">z-index</span><span class="o">:</span> <span class="m">0</span><span class="p">;</span>
  <span class="n">stroke</span><span class="o">:</span> <span class="nb">gray</span><span class="p">;</span>
  <span class="n">label</span><span class="o">:</span> <span class="p">[</span><span class="n">numberFormat</span><span class="p">(</span><span class="s1">'#'</span><span class="o">,</span> <span class="n">value</span><span class="p">)];</span>
  <span class="k">font-size</span><span class="o">:</span> <span class="m">12</span><span class="p">;</span>
  <span class="k">font</span><span class="o">-</span><span class="n">fill</span><span class="o">:</span> <span class="nb">black</span><span class="p">;</span>
  <span class="k">font-weight</span><span class="o">:</span> <span class="k">bold</span><span class="p">;</span>
  <span class="n">halo</span><span class="o">-</span><span class="k">color</span><span class="o">:</span> <span class="nb">white</span><span class="p">;</span>
  <span class="n">halo</span><span class="o">-</span><span class="n">radius</span><span class="o">:</span> <span class="m">2</span><span class="p">;</span>
  <span class="o">-</span><span class="n">gt</span><span class="o">-</span><span class="n">label</span><span class="o">-</span><span class="n">follow</span><span class="o">-</span><span class="n">line</span><span class="o">:</span> <span class="n">true</span><span class="p">;</span>
  <span class="o">-</span><span class="n">gt</span><span class="o">-</span><span class="n">label</span><span class="o">-</span><span class="k">repeat</span><span class="o">:</span> <span class="m">200</span><span class="p">;</span>
  <span class="o">-</span><span class="n">gt</span><span class="o">-</span><span class="n">label</span><span class="o">-</span><span class="n">max</span><span class="o">-</span><span class="n">angle</span><span class="o">-</span><span class="n">delta</span><span class="o">:</span> <span class="m">45</span><span class="p">;</span>
  <span class="o">-</span><span class="n">gt</span><span class="o">-</span><span class="n">label</span><span class="o">-</span><span class="n">priority</span><span class="o">:</span> <span class="m">2000</span><span class="p">;</span>
<span class="p">}</span>

WMTS improvements

The WMTS service has now its own service configuration page, and if the INSPIRE extension is installed, proper INSPIRE extensions. The WMTS service is also now usable on per-workspace services (aka virtual services).

“JPEG or PNG” output format for WMS and WMTS

The relase includes support for the “JPEG or PNG” format, which allows the server to dynamically decide if JPEG or PNG is to be returned, based on pixel transparency. This should solve the classic scattered aerial/satellite overlay imagery dilemma, where the imagery is best compressed JPEG, except at the borders of the images, where transparency is needed.

GetFeatureInfo improvements for coverages

GetFeatureInfo against raster layers now ensures valid XML names are given to attributes, for valid GML outputs, and supports continous map wrapping for geographic projections, as well as working properly for rasters whose coordinate span beyond the 180 degrees East:

We would like to thank Ben Caradoc-Davies for working on this.

New projections support

GeoTools is now providing support for the Azimuthal equidistant projection:

Support for the rotated pole projections was also added:

Rotated pole support for GRIB2/NetCDF and GeoServer integration by Ben Caradoc-Davies (Transient), with the GeoTools rotated pole projection implementation by Maciej Filocha (ICM), based on code provided by Jürgen Seib (Deutscher Wetterdienst).

Image mosaic and image pyramid improvements

Both the image mosaic and image pyramid can now be configured to serve multiple coverages no matter what the data source (previously this was possible only if the sources were NetCDF or Grib files).

At the same time the image mosaic now allows more heterogeneous sources, adding to the previous ability of mixing different color models, a newfound ability to support heterogeneous input projections:

Thanks to Devon Tucker for working on the heterogeneous input projections. For more information please check out the documentation examples.

LDAP User Group Service

The LDAP integration was previously limited to “authentication provider” status, e.g. it allowed GeoServer to validate a username/password combo by trying to connect to a LDAP service. GeoServer 2.10 ships with a LDAP based “user group service” instead, meaning, the list of users can be directly fetched from the LDAP, in alternative to the existing XML and JDBC providers.

Community Modules

The GeoServer community has been very active producing a wide range of exciting capabilities. These modules are not part of a release, and are not officially supported, but most of them can be downloaded as part of our nightly builds or built locally. If you are interested in seeing these reviewed and included in future releases of GeoServer please reach out to and ask how you can help.

YSLD community module

A new styling language, YSLD, has been added. YSLD is a YAML based language which closely matches the stucture of SLD using a text only representation: indentation is used to represent document structure rather than XML tags; filters are represented using ECQL, and all GeoServer vendor options are supported (with a “x-“ prefix).

YSLD allows you to cut down your style for the common case where a style has a single rule inside a single feature style - for example:

- polygon:
  stroke-color: 'blue'
  stroke-width: 1
  fill-color: '#7EB5D3'
- text:
  label: ${name}
  fill-color: 'black'
  anchor: [0.5, 0.5]
  x-maxDisplacement: 40
  x-autoWrap: 70

As a “YAML based“ format common blocks of code can be defined up front, and reused multiple times.

define: &stroke
 stroke-color: 'gray'
 stroke-width: 0.5
rules:
 - filter: ${region = '1'}
   symbolizers:
   - polygon:
     <<: *stroke
     fill-color: '#8DD3C7'
 - filter: ${region = '2'}
   symbolizers:
   - polygon:
     <<: *stroke
     fill-color: '#FFFFB3'

One feature offered that is not included in SLD is integration with GeoWebCache zoom levels - this allows rules to be enabled for specific zoom levels (avoiding the need to calculate the correct scale denominators by hand).

rules:
- zoom: [min,5]
  filter: ${type = 'small'}
  symbolizers:
  - ...
- zoom: [5,max]
  filter: ${type = 'small'}
  symbolizers:
  - ...
- zoom: [min,5]
  else: true
  symbolizers:
  - ...
- zoom: [5,max]
  else: true
  symbolizers:
  - ...

One interesting ability of the YSLD module that can be used to help get you started is the ability to take an existing SLD style and translate it 1-1 to YSLD using the REST API:

• Access as SLD: http://localhost:8080/geoserver/rest/styles/states.sld?pretty=true

• Access as YSLD: http://localhost:8080/geoserver/rest/styles/states.yaml

  name: states title: Population in the United States abstract: |- A sample filter that filters the United States into three categories of population, drawn in different colors feature-styles: - name: name rules: - name: Population < 2M title: Population < 2M filter: ${PERSONS < ‘2000000’} scale: [min, max] symbolizers: - polygon: fill-color: ‘#A6CEE3’ fill-opacity: 0.7 …

For more information this release includes an extensive YSLD Reference (complete with diagrams and examples).

WMTS-ND discovery community module

The module adds WMTS operations helping a client to drill into the domain of a dataset with multiple dimensions, helping in particular with scattered datasets, or ones with related dimensions (e.g., forecasts having two related times, execution time and predicted time). The extra operations are:

• DescribeDomains, providing a compact description of the available dimension values, and allowing to filter on a range of values for a particular dimension (space included), and see how the domain of the related dimensions change

• GetHistogram, showing how the available data is distributed along a given dimension

• GetFeature, to get footprint and dimension values of single features/rasters once a particular domain of interest has been established

The full specification is available online.

ncWMS community module

The ncWMS community module adds some extra operations and style support specially geared towards multidimensional raster data (including, but not limited to, NetCDF). The operations are a subset of the WMS extension provided by ncWMS, a NetCDF-CF specific WMS server. First, a palette oriented styling language is added that only requires to provide a list of color values, which will be applied to the declared data min/max range automatically:

The palette is then going to be applied to the range of values declared in the layer bands configuration, along with a number of vendor parameter in the request to control the actual range of values to be displayed, color for out of range values, linear vs logarithic palette:

The request can also include a “animate” parameter that, coupled with the GIF output format and a dimension range, e.g., a time range, will generate an animation in output:

Finally, a GetTimeSeries request parallels GetFeatureInfo and charts/extract the evolution of the phenomenon at a given point against time (also available as a CSV dump):

More details and information about the module are available in the official documentation.

Backup and restore community module

The backup/restore community module provides a UI and a set of REST service to backup and restore the GeoServer configuration without forcing a full application restart. Each operation is asynchronous, and restores can be subject to dry run, to verify if the restore will complete without errors before actually applying it.

More information about the module can be found in the user documentation.

About GeoServer 2.10

Articles, docs, blog posts and presentations:

• State of GeoServer 2016 (slideshare)

• The style editor has been refreshed with the best ideas from the css extension

• The styling workshop has been updated for foss4g 2016 and now includes both CSS and YSLD examples.

• Smart transparency in GeoServer with image/vnd.jpeg-png format (GeoSolutions)

• QGIS SLD export improvements (GeoSolutions)

Community modules

• A new community module to backup/restore and restore GeoServer configuration

• A resource browser is available allowing remote management of styles, icons and fonts (needs building from sources).

• A new WMTS multidimensional domain discovery community module for discovering patches of data in scattered data sets

• The YSLD community module has been updated with extensive documentation

The GeoServer team is happy to announce the release of GeoServer 2.10-RC1. Downloads are available (zip, war, dmg and exe) along with docs and extensions.

While this release candidate is not intended for production we would like to ask everyone to download, try it out in your environment, try it out with your data, and report back success/glitches/failures to the email list.

We would like to thank everyone who This is a release candidate beta release of GeoServer made in conjunction with GeoTools 16-RC1.

Testing Priorities

Here is our priorities for testing:

• Updated GeoServer Style Editor

• CSS Extension - nested rule and rendering transform support

• WMS Cascade functionality

New Features and Highlights

• The macOS DMG is now signed by the Open Source Geospatial Foundation.

• Aaron Waddell reported an XXE vulnerability in the GeoTools library which has been resolved (and is used by GeoServer).

• GeoWebCache can now use MBTiles, including vector tiles.

• The default data directory now includes security restrictions on WFS-T functionality (restricting editing of data to the administrator account).

• Several fix/improvements in coverage view support for multiband sources and associated SLD band selection optimizations

• Work continues on the WMTS multidimensional extension (some fixes for GetHistogram and DescribeDomains)

##

About GeoServer 2.10

Articles, docs, blog posts and presentations:

• State of GeoServer 2016 (slideshare)

• The style editor has been refreshed with the best ideas from the css extension

• Smart transparency in GeoServer with image/vnd.jpeg-png format (GeoSolutions)

• QGIS SLD export improvements (GeoSolutions)

Community modules

• A new community module to backup/restore and restore GeoServer configuration

• A new WMTS multidimensional domain discovery community module for discovering patches of data in scattered data sets

• The styling workshop has been updated to feature both CSS and YSLD examples.

• The YSLD community module has been updated with extensive documentation

The GeoServer team is pleased to announce the release of GeoServer 2.9.2. Download bundles are provided (bin, war, dmg and exe) along with documentation and extensions.

This is a stable release of GeoServer suitable for production systems. This release is made in conjunction with GeoTools 15.2 and GeoWebCache 1.9.2. We extend our thanks to all contributors for making this release possible.

Highlights of this release include:

• The macOS DMG is now signed by the Open Source Geospatial Foundation. This work done by Larry Shaffer and the system admin committee improves the Mac install experience. For macOS 10.12 Apple has asked that all applications to be from the App Store (sigh) or signed by identified developers. Using the OSGeo certificate to sign our application 

• Style icons can now be referenced by URL in both the global styles folder and workspace styles folders.

• WMTS improved with both a web admin page and “virtual service” support providing a WMTS for each workspace.

• The INSPIRE extension now supports WMTS capabilities document. Upon installation of the INSPIRE extension the INSPIRE WMTS grid is now available.

• Embedded GeoWebCache now supports mbtiles based tile storage.

• Improvements to image mosaic documentation with more examples.

• Support for “JPEG or PNG “output format, dynamically choosing the best format based on image transparency

• Lots of bug fixes (check the release notes for details)

Security Considerations

This release addresses two security vulnerabilities:

• The default data directory now includes security restrictions on WFS-T functionality (restricting editing of data to the administrator account). This has the effect of making the service read-only by default, while still advertising we are a compliant WFS-T implementation. If you have an existing GeoServer deployment which you wish to be read-only your can configure security settings as described, or set the WFS service level to “basic”.

• Aaron Waddell reported an XXE vulnerability in the GeoTools library which has been resolved (and is used by GeoServer). We encourage all users to upgrade to GeoServer 2.9.2 at this time. Please note that there are no additional releases of GeoServer 2.8 scheduled - now is the time to upgrade.

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

About GeoServer 2.9

Articles, docs, blog posts and presentations:

• Lots of goodies in the original 2.9.0 announcement (GeoServer Blog)

• Results of our Bug Stomp Mini Code Sprint in July (GeoServer blog)

• Internals upgrade to spring-4 for Java 8 compatibility (User Guide)

• GeoServer code sprint success and wicket migration code sprint (GeoServer Blog)

• GeoServer Plugin for QGIS (Boundless)

• QGIS SLD export improvements (GeoSolutions)

• Smart transparency in GeoServer with image/vnd.jpeg-png format (GeoSolutions)

• Simplify complex feature mappings setup with HALE (GeoSolutions)

• REST management of Resources (User Guide)

We are happy to announce the release of GeoServer 2.10-beta. Downloads are available (zip, war, dmg and exe) along with docs and extensions.

This is a beta release of GeoServer made in conjunction with GeoTools 16-beta.

Beta Testing

The GeoServer Team has been hard at work to bring you this beta release.

Here is our priorities for testing:

• Updated GeoServer Style Editor

• Module Status REST endpoint

• CSS Extension - Nested rule and rendering transform support

We one crititcal known issues to keep in mind when testing:

• GEOS-7750 - The WMS and LegendSample beans used in GeoServerTileLayer may provoke a cyclic dependency when Spring beans are loaded. As a consequence tiled layers may not be loaded and are deleted by GWC integration. Please back up your data and configuration before testing the GeoServer 2.10-beta with data you care about.

Highlights from the release notes:

• Add CSS nested rule support

• Add CSS rendering transform support

• Add WMTS multi dimensional community module

• Add WCS 2.0 Demo Requests

• OL3 Preview in tiled mode supports map wrapping

• Make JDBCStore compatible with HazelCast Clustering

• Changes to WMS GetFeatureInfo for coverages:

  • Band names now presented in responses as NCNames for all info_formats (spaces and leading digits replaced with underscores)

  • Support for continuous map wrapping for latitude/longitude projections

  • Support for coverages with native latitude/longitude coordinates and longitudes > 180 degrees East

Also, looking at the GeoTools 16-M0 release notes, we have:

• Support Azimuthal Equidistant projection

• Implement Vladimir’s Polygon label point algorithim

• GeoPackage can write to boolean fields

For more information about the what is included in the GeoServer 2.10 release, also refer to the GeoServer 2.10-M0 release anouncement.

##

About GeoServer 2.10

GeoServer 2.10 is scheduled for October release.

We are happy to announce the release of GeoServer 2.10-M0. Downloads are available (zip, war, dmg and exe) along with docs and extensions.

This is a milestone release of GeoServer made in conjunction with GeoTools 16-M0.

We have both new features and a number of key “under the hood” changes to GeoServer. This technology preview is made available for your evaluation and feedback and is not intended for production.

Highlights from the release notes:

• Resource Browser (ResourceStore GUI)

• LDAP UserGroupService

• Add WMTS web admin page

• Allow WMTS service requests per workspace (virtual service)

• Allow the Wicket UI to show a Server Busy page when updating the configuration instead of locking the server

• Control over execution time separate to total queuing and execution time

• Fix Windows exe installer failure to start GeoServer

• Can’t delete Default Cached Gridsets

• Add support for dynamically choosing jpeg or png compression based on output contents

Also, looking at the GeoTools 16-M0 release notes, we have:

• Upgrade to NetCDF-Java 4.6.6, including support for NetCDF rotated pole projection

• Allows ImagePyramid supporting multiple Coverages

• The old wfs module has now been replaced with the wfs-ng module

Security Considerations

This release includes several security enhancements (which are also included in the recent GeoServer 2.8.5 and 2.9.1 releases

• Although we have not been able to reproduce from GeoServer, a remote execution vulnerability has been reported against both the Restlet  and the Apache Commons BeanUtils libraries we use. We have patched our use of these libraries as a preventative measure. We would like to thank Kevin Smith for doing the bulk of the work, and Andrea Aime for providing a patched BeanUtils library addressing these vulnerabilities.

• Layer security restrictions in CHALLENGE mode were not being correctly applied by embedded GeoWebCache. Thanks to Nick Muerdter for his responsible report of this vulnerability and for submitting a fix (that included a unit test!)

• Carl Schroedl reported a vulnerability at application startup when working with a data directory on a network file system, a new configuration option has been provided to check that the directory exists.  Thanks to Carl for following our responsible disclosure procedure, and to Ben Caradoc-Davies for implementing the new parameter.

If you wish to report a security vulnerability, please visit our website for instructions on responsible reporting.

Style Page

The GeoServer Style page has been upgraded to include several features from the CSS Styles page (part of the CSS extension). The new GeoServer style page includes:

• Updated Style Page layout

• Style - Layer Association editor

• Layer Preview

• Layer Attribute Preview

About GeoServer 2.10

GeoServer 2.10 is scheduled for October release.