FREE Webinar: GeoServer 2.28 and Beyond
Dear Reader,
Join us Thursday December 18th 2025 at 11AM Eastern (4pm GMT / 5PM CET), for the next free webinar as part of the GeoSolutions instructional webinar series on open-source software products, including GeoServer, GeoNode, and MapStore. On December 18th we will be featuring GeoServer. You will have the opportunity to see all the new features of the latest major release 2.28, discover what is coming in the near future, and interact with the core developers of GeoServer. You can register here below for free!
This release introduces a wide range of interesting new features plus a number of important updates. Here is a selection of our favorite ones; for the full list you can read this blog post.
Image Processing Engine updated
Updating the image processing engine used by GeoServer to be Java 17 compatible is one of the first major objectives of the GeoServer 3 crowdfunding activity. We are pleased to provide the upgrade from Java Advanced Imaging 1.1.3 to Eclipse ImageN 0.9.0 as part of the GeoServer 2.28.0 release.

Eclipse ImageN 0.9.0 is a stable release of two established codebases (Java Advanced Imaging and JAI-Ext) combined together into a single project. ImageN 1.0.0 will be released once the team has had an opportunity to increase the test coverage and update the user manual, over the course of the GeoServer 3.0 series. Thanks to Jody (GeoCat), Andrea and Daniele (GeoSolutions) for this work and GeoServer 3 Crowdfunding for accomplishing this key objective for the future of GeoServer. We would also like to thank the Eclipse Foundation for working with Oracle to finally make this Sun Microsystems technology open source, alongside OpenJDK.
For more information see Eclipse ImageN and updated Wikipedia Entry for Java Advanced Imaging.
Attribute Restrictions
Layer Feature Type Details has received a major improvement: an Edit attribute dialog makes it easier to define the attribute name, description, type, nillability and, for the first time, restrictions. Attribute restrictions are used to limit data values and are included in DescribeFeatureType.

Two types of restrictions are available:
- Options: Used to restrict numeric or string values to a provided set.
- Range: Used to restrict numeric values between a minimum inclusive and maximum inclusive limit.
Thanks to Alessandro Ricchiuti (GeoSolutions) for this powerful improvement.
For more information see:
- Feature Type Details in the User Manual
- GSIP-234 Advertise and Enforce Attribute Restrictions
- GEOS-11937 GSIP 234 – Advertise and Enforce Attribute Restrictions
Legend: Symbology Encoding Functions
This release includes a long-awaited improvement for legend graphic generation – creating a legend graphic when the Symbology Encoding Recode, Interpolate and Categorize functions are used.
<Fill>
  <CssParameter name="fill">
    <ogc:Function name="Recode">
      <!-- Value to Transform -->
      <ogc:Function name="strTrim">
        <ogc:PropertyName>SUB_REGION</ogc:PropertyName>
      </ogc:Function>
      <!-- Map of input to output values -->
      <ogc:Literal>N Eng</ogc:Literal> <ogc:Literal>#6495ED</ogc:Literal>
      <ogc:Literal>Mid Atl</ogc:Literal> <ogc:Literal>#B0C4DE</ogc:Literal>
      <ogc:Literal>S Atl</ogc:Literal> <ogc:Literal>#00FFFF</ogc:Literal>
      <ogc:Literal>E N Cen</ogc:Literal> <ogc:Literal>#9ACD32</ogc:Literal>
      <ogc:Literal>E S Cen</ogc:Literal> <ogc:Literal>#00FA9A</ogc:Literal>
      <ogc:Literal>W N Cen</ogc:Literal> <ogc:Literal>#FFF8DC</ogc:Literal>
      <ogc:Literal>W S Cen</ogc:Literal> <ogc:Literal>#F5DEB3</ogc:Literal>
      <ogc:Literal>Mtn</ogc:Literal> <ogc:Literal>#F4A460</ogc:Literal>
      <ogc:Literal>Pacific</ogc:Literal> <ogc:Literal>#87CEEB</ogc:Literal>
    </ogc:Function>
  </CssParameter>
</Fill>

Thanks to Andrea Aime (GeoSolutions) for this improvement on behalf of German Aerospace Center (DLR).
- GEOS-8002 LegendGraphic display using transformation functions (recode, interpolate, categorize)
OAuth2 OpenID Connect community modules
A new community module sec-oidc is now available based directly on Spring Security Core. This new community module is intended as a direct replacement for the existing sec-oauth2-geonode, sec-oauth2-github, sec-oauth2-google, and sec-oauth2-openid-connect plugins which have reached end of life.

For more information see OAUTH2 OIDC in the user manual. Extensive information (and notes) are provided for working with Google, GitHub, Microsoft Azure, and Keycloak. We are really pleased that the new OIDC community plugin is available alongside the existing OAuth2 implementations for comparison and testing.
The initial work was performed by Andreas Watermeyer (ITS Digital Solutions), and completed for GeoServer 2.28.0 by David Blasby (GeoCat), Ian Turton, and Alessio Fabiani (GeoSolutions). Thanks to the GeoServer 3 Crowdfunding sponsors for supporting this important development.
Developer Updates
A number of significant changes affect developers working on the GeoServer codebase:
- The change to Java 17 LTS minimum brings new language features to the codebase
- Java 17 build improvements
- Maven bill-of-materials import to manage both GeoTools library modules and synchronize third-party dependencies with the GeoTools project.
Thanks to Gabriel Roldan (Camptocamp) for working on these activities on behalf of GeoServer 3 sponsors.
Security Considerations
This release addresses security vulnerabilities and is considered an important upgrade for production systems.
- GEOS-11921 – CVE-2025-21621 – Reflected Cross-Site Scripting (XSS) vulnerability in WMS GetFeatureInfo HTML format (Moderate)
- GEOS-11922 – CVE-2025-58360 – Unauthenticated XXE via WMS GetMap (High)
The use of the CVE system allows the GeoServer team to reach a wider audience than blog posts. See project security policy for more information on how security vulnerabilities are managed.
Upgrade instructions
Please take note of the Upgrade Instructions, specifically:
- This release requires Java 17 LTS minimum, Java 11 is no longer supported. GeoServer is tested with Long Term Support releases: Java 17 LTS and Java 21 LTS. For more information see Java Considerations in the user manual.
- The global setting Unrestricted XML External Entity Resolution has been replaced with the ENTITY_RESOLUTION_UNRESTRICTED application property. This change primarily affects application schema users that have not yet adopted ENTITY_RESOLUTION_ALLOWLIST. See update instructions for details.
- Due to a user interface change, it is no longer necessary to generate a masterpw.info when upgrading an older data directory. If this file is present from an earlier upgrade, it is still considered a security warning and is noted on the welcome page.
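A check a deployer can run against startup settings when upgrading, as an added example (not GeoServer project code). It assumes the two properties named above are supplied as -D JVM options or same-named environment variables, that "true" enables the unrestricted mode, and that allowlist entries are separated by "|" with "*" meaning any host; the host names in the test input are constructed.

```python
import re
import shlex

# Property names come from the upgrade notes above; how they are passed and
# the value syntax are assumptions of this example.
UNRESTRICTED = "ENTITY_RESOLUTION_UNRESTRICTED"
ALLOWLIST = "ENTITY_RESOLUTION_ALLOWLIST"
WATCHED = (UNRESTRICTED, ALLOWLIST)


def effective_properties(java_opts, env):
    """Collect the two properties from environment variables and -D options.
    Assumption: a -D system property overrides an environment variable."""
    props = {k: v for k, v in env.items() if k in WATCHED}
    for token in shlex.split(java_opts):
        m = re.fullmatch(r"-D([A-Za-z_]+)(?:=(.*))?", token)
        if m and m.group(1) in WATCHED:
            props[m.group(1)] = m.group(2) or ""
    return props


def audit(java_opts, env=None):
    """Return findings about XML external entity resolution settings."""
    props = effective_properties(java_opts, env or {})
    findings = []
    if props.get(UNRESTRICTED, "").strip().lower() == "true":
        findings.append("HIGH: unrestricted entity resolution is enabled")
    allow = props.get(ALLOWLIST)
    if allow is None:
        findings.append("INFO: no allowlist configured")
        return findings
    entries = [e.strip() for e in allow.split("|") if e.strip()]
    if "*" in entries:
        findings.append("HIGH: allowlist contains wildcard '*'")
    for entry in entries:
        # Expect host, optional port, optional path prefix; flag anything else.
        if entry != "*" and not re.fullmatch(
            r"[A-Za-z0-9.-]+(:\d+)?(/\S*)?", entry
        ):
            findings.append(f"WARN: unexpected allowlist entry {entry!r}")
    return findings
```

Feed it the JAVA_OPTS string from the service unit or container definition and the process environment; any HIGH finding means external entities can be fetched from arbitrary locations.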
Registration information
To learn more about the new features and interact with the core developers of GeoServer, I cordially invite you to a free webinar on December 18th 2025 at 11 Eastern Time / 4pm GMT / 5 PM CET by registering at the link below!
Looking forward to seeing you on the webinar!
If you are interested in learning more about how we can help you develop a WebGIS using MapStore or help you achieve your needs with MapStore, GeoServer, GeoNode and GeoNetwork through our Enterprise Support Services, Professional Training Services and Subscription Services please contact us!
The GeoSolutions team,
