[Geoserver-devel] Enabling layers using REST

I am trying to set the advertise element for coverage using REST from a script. The command I am using is

curl -w ‘%{http_code}’ –XPUT –H ‘Content-type: application/xml’ –d ${xml_element} “http://localhost:8080/geoserver/rest/layers/my.workspace:my.layer.xml

where ${xml_element} = “truetrue”

PUT and POST are set to anonymous in the security/rest.properties file

This worked in an earlier Geoserver 2.2.x trunk (Nov 2011), but does not work now.

Anybody having issues with REST commands using PUT and POST coverages?

Environment

Jboss 5.1

Postgresql 9.0.x

PostGIS 1.5.x

Geoserver 2.2.x

Thank you.

Robert L Brister
Principal Software Engineer
General Dynamics Information Technology
FNMOC, Monterey, CA
Building 704, Rm 235
Ph: 831-656-5056
Cell: 408-569-5954
robert.brister@anonymised.com

UNCLASSIFIED//FOR OFFICIAL USE ONLY//

Hi Robert,

Looked into this and it is a side effect of this recent GSIP:

http://geoserver.org/display/GEOS/GSIP+74±+Finer+Grained+Admin+Security

Basically we have the ability now to have more control over what users can make administrative calls via REST and the web ui, rather than restricting to the admin user.

Historically in layers.properties, where we define layer level security rules, we had access to two modes, read and write. We now have a third mode called “admin”.

In order to not ship with a security hole by default the migration assumes that the admin mode is always protected by the admin user. So in layers.properties this essentially looks like this:

..r=*
..w=*
..a=ROLE_ADMINISTRATOR

Admin requests, which include all restconfig requests like the one you are making, are considered admin mode, and hence require admin privileges. That said, you can simply change this to:

..r=*
..w=*
..a=*

To get the desired affect. This should be changeable from the ui, but just checked and it seems a bit is missing as admin is not accessible from the mode drop down on the data access rule page. Filed a jira for that and will fix shortly.

http://jira.codehaus.org/browse/GEOS-5087

For now just editing the file in place (no restart required) should fix the issue.

Hope all that is clear.

-Justin

On Tue, May 1, 2012 at 10:52 PM, Brister, Robert L <Robert.Brister@anonymised.com> wrote:

I am trying to set the advertise element for coverage using REST from a script. The command I am using is

curl -w ‘%{http_code}’ –XPUT –H ‘Content-type: application/xml’ –d ${xml_element} “http://localhost:8080/geoserver/rest/layers/my.workspace:my.layer.xml

where ${xml_element} = “truetrue”

PUT and POST are set to anonymous in the security/rest.properties file

This worked in an earlier Geoserver 2.2.x trunk (Nov 2011), but does not work now.

Anybody having issues with REST commands using PUT and POST coverages?

Environment

Jboss 5.1

Postgresql 9.0.x

PostGIS 1.5.x

Geoserver 2.2.x

Thank you.

Robert L Brister
Principal Software Engineer
General Dynamics Information Technology
FNMOC, Monterey, CA
Building 704, Rm 235
Ph: 831-656-5056
Cell: 408-569-5954
robert.brister@anonymised.com

UNCLASSIFIED//FOR OFFICIAL USE ONLY//


Live Security Virtual Conference
Exclusive live event will cover all the ways today’s security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/


Geoserver-devel mailing list
Geoserver-devel@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel


Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.