Issue Type: Bug
Affects Versions: 2.3-RC1
Assignee: Andrea Aime
Created: 16/Mar/13 5:35 AM

Description:
If layers are protected and the catalog mode is mixed, a layer preview with an unauthorized user causes an access denied exception.
This happens in `SecureCatalogImpl`, in the method `public WrapperPolicy buildWrapperPolicy(Authentication user, CatalogInfo info, String resourceName) { … }`, at line 855.
Code Snippet:

```java
if (!canRead) {
    // if in hide mode, we just hide the resource
    if (mode == CatalogMode.HIDE) {
        return WrapperPolicy.hide(limits);
    } else if (mode == CatalogMode.MIXED) {
        // if request is a get capabilities and mixed, we hide again
        Request request = Dispatcher.REQUEST.get();
        if (request != null && "GetCapabilities".equalsIgnoreCase(request.getRequest()))
            return WrapperPolicy.hide(limits);
        // otherwise challenge the user for credentials
        else
            throw unauthorizedAccess(resourceName);
    } else {
        // for challenge mode we agree to show freely only the metadata, every
        // other access will trigger a security exception
        return WrapperPolicy.metadata(limits);
    }
}
```
============================================
Not sure how to fix this. In this scenario we should decide on a behavior like mode HIDE or CHALLENGE; not sure which is best.
AFAIK, Dispatcher.REQUEST is set only for OGC services; maybe it is possible to check whether this thread local is null, but I am not sure about side effects.
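As an added illustration that is not GeoServer code, the following Python model of the branch quoted above shows why a request with no OGC operation in the thread local (as in the layer preview) ends in an exception only in MIXED mode, and what the null check the reporter mentions would change; the `null_request_hides` switch is a hypothetical stand-in for that idea, not a GeoServer fix.

```python
from enum import Enum


class CatalogMode(Enum):
    HIDE = "hide"
    MIXED = "mixed"
    CHALLENGE = "challenge"


class UnauthorizedAccess(Exception):
    """Stand-in for the security exception raised by unauthorizedAccess()."""


def build_wrapper_policy(mode, request, null_request_hides=False):
    """Model of the !canRead branch of SecureCatalogImpl.buildWrapperPolicy.

    request is the OGC operation name (e.g. "GetCapabilities") or None when
    the Dispatcher thread local is unset, as for a layer preview.
    null_request_hides is a hypothetical switch modelling the reporter's idea
    of checking the thread local for null: a missing request is then hidden
    like a GetCapabilities instead of raising.
    Returns "hide" or "metadata", or raises UnauthorizedAccess.
    """
    if mode == CatalogMode.HIDE:
        return "hide"
    if mode == CatalogMode.MIXED:
        if request is not None and request.lower() == "getcapabilities":
            return "hide"
        if request is None and null_request_hides:
            return "hide"
        raise UnauthorizedAccess("resource")
    # CHALLENGE: metadata is visible, any other access triggers the exception
    return "metadata"


def layer_preview_outcome(mode, null_request_hides=False):
    """Outcome for an unauthorized user opening the layer preview (no OGC request)."""
    try:
        return build_wrapper_policy(mode, None, null_request_hides)
    except UnauthorizedAccess:
        return "exception"


if __name__ == "__main__":
    for mode in CatalogMode:
        print(mode.name, layer_preview_outcome(mode), layer_preview_outcome(mode, True))
```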
Project: GeoServer
Priority: Major
Reporter: Christian Mueller