Andrea Aime created GEOS-5990 |
Issue Type: |
Bug |
Assignee: |
|
Components: |
Configuration |
Created: |
23/Aug/13 7:32 AM |
Description: |
During the KVP parse, and while running the init for the dispatcher callbacks, we have the REQUEST thread local set to null, and those can do catalog accesses. Generally speaking, this is a problem for security systems as they cannot known about the current service, request and and version while evaluating the catalog access request. However, it should be possible to load version, request and service before doing the rest of the KVP parse, and XML parses normally do not do any validation, thus they should not end up accessing the catalog |
Project: |
|
Priority: |
Major |
Reporter: |