Good afternoon,
as you may know, the params-extractor community module can be used in GeoServer to transform url path fragments to normal query string parameters (https://docs.geoserver.org/latest/en/user/community/params-extractor/index.html).
This is working fine except for one use-case that we need to cover for one customer: the ability to use it together with the authkey authentication filter.
Long story short, we would like to implement the ability to express the authkey as part of the url path (e.g. /geoserver/!@/wms) and this would be a perfect fit for the params-extractor module, but unfortunately security filters run before spring configured filters (and params-extractor is a spring configured filter in GeoServer).
We found a possible solution, that requires registering the same filter in tomcat web.xml, so that it can run before the usual timing. Being able to do so requires only a couple of changes:
- adding an empty constructor to the filter
- adding code in the init method of the filter to initialize config when run through web.xml
Obviously the filter could be used the old way, or the new way, just by registering it in the tomcat web.xml or not.
Any alternative idea?
···
Regards,
Mauro Bartolomeoli
==
GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information.
Dott. Mauro Bartolomeoli
@mauro_bart
Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
mobile: +39 393 904 1756
phone: +39 0584 962313
fax: +39 0584 1660272
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia.
This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.
Hi Mauro,
if configured in the web.xml, it would also be picked from the application context or not?
If so it would run twice, is that a problem?
Cheers
Andrea
···
Regards, Andrea Aime == GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054 Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it ------------------------------------------------------- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.
Hi Andrea,
I did some tests and it looks to be working fine.
I can eventually add some code to avoid it (since init is only called if configured in web.xml I can probably put some code there to make the spring duplicate “not working”)
I will do more testing before preparing a PR.
Mauro
···
Regards,
Mauro Bartolomeoli
==
GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information.
Dott. Mauro Bartolomeoli
@mauro_bart
Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
mobile: +39 393 904 1756
phone: +39 0584 962313
fax: +39 0584 1660272
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia.
This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.