[Geoserver-devel] [JIRA] (GEOS-9015) WPS GetExecutions Operation Impl - Improve the way it recognizes the principal username

Alessio Fabiani created an issue

GeoServer / ImprovementGEOS-9015

WPS GetExecutions Operation Impl - Improve the way it recognizes the principal username

Issue Type:

ImprovementImprovement

Affects Versions:

2.15

Assignee:

Alessio Fabiani

Components:

WPS

Created:

16/Nov/18 10:25 AM

Priority:

MediumMedium

Reporter:

Alessio Fabiani

Currently, the Execute run method in order to recognize the Principal username just blindly does an “auth.getPrincipal().toString()”.

This is of course not fully correct hence the “toString()” method does not necessarily return the clean username. And this is exactly what happens when the Principal is an instance of Spring Security Context “UserDetails”.

The correct way to handle this would be to check if the Principal is an instance of “UserDetails”, cast it and return the clean username to be added to the filter.

Add Comment

Add Comment

Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS


This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100095-sha1:c772008)

Atlassian logo