GeoCat · pull · Jul 4, 2023 · Jun 9, 2023 · Jun 17, 2023 · Jun 20, 2023
diff --git a/doc/en/developer/source/conf.py b/doc/en/developer/source/conf.py
@@ -161,7 +161,7 @@
 #html_additional_pages = {}
 
 # If false, no module index is generated.
-html_use_modindex = False
+html_domain_indices = False
 
 # If false, no index is generated.
 html_use_index = False

diff --git a/doc/en/developer/source/quickstart/checkout.txt b/doc/en/developer/source/quickstart/checkout.txt
@@ -3,7 +3,7 @@ Check out source code
 
 Check out the source code from the git repository.::
 
-   git clone git://github.com/geoserver/geoserver.git geoserver
+   git clone https://github.com/geoserver/geoserver.git geoserver
 
 To list the available branches.::
 

diff --git a/doc/en/docguide/source/conf.py b/doc/en/docguide/source/conf.py
@@ -136,7 +136,7 @@
 #html_additional_pages = {}
 
 # If false, no module index is generated.
-#html_use_modindex = True
+html_domain_indices = False
 
 # If false, no index is generated.
 #html_use_index = True

diff --git a/doc/en/user/source/community/ogc-api/features/index.rst b/doc/en/user/source/community/ogc-api/features/index.rst
@@ -30,6 +30,9 @@ Features Implementation status
    * - Common Query Language (CQL2)
      - `Draft <https://docs.ogc.org/DRAFTS/21-065.html>`__
      - Implements an earlier draft for for both text and JSON encodings. To be updated.
+   * - Part n: Query by IDs
+     - `Proposal <https://github.com/opengeospatial/ogcapi-features/tree/master/proposals/query-by-ids>`__
+     - Proposal implemented, but syntax and semantic is subject to change in a future release. Thus said, usage should be carefully considered.
 
 Installing the GeoServer OGC API Features module
 ------------------------------------------------

diff --git a/doc/en/user/source/conf.py b/doc/en/user/source/conf.py
@@ -196,7 +196,7 @@
 #html_additional_pages = {}
 
 # If false, no module index is generated.
-html_use_modindex = False
+html_domain_indices = False
 
 # If false, no index is generated.
 html_use_index = False

diff --git a/doc/en/user/source/extensions/geofence-server/installing.rst b/doc/en/user/source/extensions/geofence-server/installing.rst
@@ -14,5 +14,7 @@ Installing the GeoServer GeoFence Server extension
     .. note:: By default GeoFence will store this data in a `H2 database <http://www.h2database.com/html/main.html>`__ and the database schema will be automatically managed by Hibernate.
 
        The `GeoFence documentation <https://github.com/geoserver/geofence/wiki/GeoFence-configuration>`__ explains how to configure a different backed database and configure Hibernate behavior.
+
+ #. Add the following system variable among the JVM startup options (location varies depending on installation type): ``-Dgwc.context.suffix=gwc``
 
  #. Restart GeoServer
diff --git a/doc/en/user/source/installation/docker.rst b/doc/en/user/source/installation/docker.rst
@@ -146,12 +146,12 @@ Here is a list of available extensions (taken from the `build server <https://bu
     app-schema   gdal            jp2k          ogr-wps          web-resource
     authkey      geofence        libjpeg-turbo oracle           wmts-multi-dimensional
     cas          geofence-server mapml         params-extractor wps-cluster-hazelcast
-    charts       geopkg-output   mbstyle       printing         wps-cluster-hazelcast
-    control-flow grib            mongodb       pyramid          wps-download
-    css          gwc-s3          monitor       querylayer       wps-jdbc
-    csw          h2              mysql         sldservice       wps
-    db2          imagemap        netcdf-out    sqlserver        xslt
-    dxf          importer        netcdf        vectortiles      ysld
+    charts       geopkg-output   mbstyle       printing         wps-download
+    control-flow grib            mongodb       pyramid          wps-jdbc
+    css          gwc-s3          monitor       querylayer       wps
+    csw          h2              mysql         sldservice       xslt
+    db2          imagemap        netcdf-out    sqlserver        ysld
+    dxf          importer        netcdf        vectortiles      
     excel        inspire         ogr-wfs       wcs2_0-eo
 
 Testing Geoserver Community modules

diff --git a/doc/en/user/source/production/config.rst b/doc/en/user/source/production/config.rst
@@ -107,6 +107,40 @@ To disable the Auto Complete on Web Admin login form:
 * Set the Java system property ``geoserver.login.autocomplete`` to off by adding ``-Dgeoserver.login.autocomplete=off`` to your container's JVM options
 * If the browser has already cached the credentials, please consider clearing the cache or form data after setting the JVM option.
 
+Disable anonymous access to the layer preview page
+--------------------------------------------------
+
+In some circumstances, you might want to provide access to the layer preview page to authenticated users only. The solution is based on
+adding a new :guilabel:`filter chain` with a rule matching the path of the layer preview page to GeoServer's :ref:`security_auth_chain`. Here are the
+steps to reproduce:
+
+* Under :guilabel:`Security` -> :guilabel:`Authentication` -> :guilabel:`Filter Chains`, add a new HTML chain
+* Set the new chain's name to ``webLayerPreview`` (or likewise)
+* As Ant pattern, enter the path of the layer preview page, which is :file:`/web/wicket/bookmarkable/org.geoserver.web.demo.MapPreviewPage`
+  (since it's an Ant pattern, the path could as well be written shorter with wildcards: :file:`/web/**/org.geoserver.web.demo.MapPreviewPage`)
+* Check option :guilabel:`Allow creation of an HTTP session for storing the authentication token`
+* Under :guilabel:`Chain filters`, add filters ``rememberme`` and ``form`` (in that order) to the :guilabel:`Selected` list on the right side
+* Close the dialog by clicking the :guilabel:`Close` button; the new HTML chain has been added to the list of chains as the last entry
+* Since all chains are processed in turn from top to bottom, in order to have any effect, the new ``webLayerPreview`` chain must be positioned
+  **before** the ``web`` chain (which matches paths :file:`/web/**,/gwc/rest/web/**,/`)
+* Use the :guilabel:`Position` arrows on the left side of the list to move the newly added chain upwards accordingly
+* Save the changes you've made by clicking the :guilabel:`Save` button at the bottom of the page
+
+With that in place, unauthenticated users now just get forwarded to the login page when they click the layer preview menu item link.
+
+The above procedure could as well be applied to other pages of the web administration interface that one needs to remove anonymous access for. For example:
+
+* :guilabel:`Demos` -> :guilabel:`Demo requests`
+  (path: :file:`/web/wicket/bookmarkable/org.geoserver.web.demo.DemoRequestsPage`)
+* :guilabel:`Demos` -> :guilabel:`WCS request builder`
+  (path: :file:`/web/wicket/bookmarkable/org.geoserver.wcs.web.demo.WCSRequestBuilder`)
+
+.. warning::
+    Although disabling anonymous access to the layer preview page **MAY** prevent some unauthenticated users from accessing data with some simple
+    clicks, this is **NOT** a security feature. In particular, since other more sophisticated users, having the ability to build OGC requests, **MAY**
+    still access critical data through GeoServer's services, this is **NOT** a replacement for a well-designed security concept based on data-level or
+    service-level security.
+
 X-Frame-Options Policy
 ----------------------
 

diff --git a/doc/en/user/source/rest/api/index.rst b/doc/en/user/source/rest/api/index.rst
@@ -29,9 +29,9 @@ This section describes the GeoServer REST configuration API.
    reload
    reset
    manifests
-   masterpassword
-   selfadmin
-   accesscontrol
+   Security (Master Password) <masterpassword>
+   Security (Self Admin) <selfadmin>
+   Security (Access Control) <accesscontrol>
    userrole
    resources
 
diff --git a/src/community/datadir-catalog-loader/README.md b/src/community/datadir-catalog-loader/README.md
@@ -0,0 +1,33 @@
+# Data-Directory GeoServer Loader
+
+Provides an alternative [GeoServerLoader](https://github.com/geoserver/geoserver/blob/main/src/main/src/main/java/org/geoserver/config/GeoServerLoader.java), [DataDirectoryGeoServerLoader](src/main/java/org/geoserver/catalog/datadir/DataDirectoryGeoServerLoader.java), that attempts to load and parse "data directories"
+faster than the default one, especially over shared drives such as NFS.
+
+The approach is to
+
+- Parallelize both I/O calls and parsing of Catalog and Config info objects
+- "Serialize" I/O calls as much as possible, trying to make a single pass over the `workspaces` directory tree, and load both catalog (workspaces, layers, etc.) and config (services, settings, etc.) files in one pass.
+
+The point is that large Catalogs contain several thousand small XML files that need to be read and parsed, and NFS in particular is really bad at serving small files.
+
+## Configuration
+
+Even if the plugin is in the JVM classpath, it can be disabled through the `datadir.loader.enabled=false` System Property, or the `DATADIR_LOADER_ENABLED` environment variable.
+
+```
+export DATADIR_LOADER_ENABLED=false
+bin/startup.sh
+```
+
+### Parallelism level
+
+The number of threads to use for loading and parsing configuration files is determined by an heuristic resolving to the minimum between `16` and the number of available processors as reported by `Runtime#availableProcessors()`.
+
+This can be overridden by an environment variable or system property  called `DATADIR_LOAD_PARALLELISM`.
+
+```
+export DATADIR_LOAD_PARALLELISM=4
+bin/startup.sh
+```
+
+
diff --git a/src/community/datadir-catalog-loader/pom.xml b/src/community/datadir-catalog-loader/pom.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+ Copyright (C) 2014 - Open Source Geospatial Foundation. All rights reserved.
+ This code is licensed under the GPL 2.0 license, available at the root
+ application directory.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.geoserver</groupId>
+    <artifactId>community</artifactId>
+    <version>2.24-SNAPSHOT</version>
+  </parent>
+
+  <groupId>org.geoserver.community</groupId>
+  <artifactId>gs-datadir-catalog-loader</artifactId>
+  <name>Performance improved data-directory catalog loader</name>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.geoserver</groupId>
+      <artifactId>gs-main</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.geoserver</groupId>
+      <artifactId>gs-main</artifactId>
+      <version>${project.version}</version>
+      <type>test-jar</type>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.geotools.jdbc</groupId>
+      <artifactId>gt-jdbc-postgis</artifactId>
+      <version>${gt.version}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <!-- TODO: maybe upgrade to the more modern port https://www.datafaker.net/ -->
+      <groupId>com.github.javafaker</groupId>
+      <artifactId>javafaker</artifactId>
+      <version>1.0.2</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.mockito</groupId>
+      <artifactId>mockito-core</artifactId>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+</project>