The 52North Web Security Service (WSS) lets you easily restrict access to spatial services and their resources using role-based permissions.
With 52North WSS you can define access policies like:
All users in role ‘external’ are allowed to access just layers A and B of the WMS with GetMap. or GetFeatureInfo is only allowed on layer A in a specific area defined by a bounding box.
The 52North WSS is a Java Web Application which usually runs in a Apache Tomcat Servlet container. It acts as a proxy for an arbitrary number of OGC Web Services, receiving all requests and acting upon the defined policies. Thus, existing service implementations don’t need to be changed. Policies and users are defined in XML configuration files, which are maintained from a general management interface.