Christian Mueller created an issue |
Issue Type: |
Bug |
---|---|
Affects Versions: |
2.14.1, 2.15-RC |
Assignee: |
Unassigned |
Components: |
Security |
Created: |
11/Dec/18 12:52 PM |
Environment: |
Spring Security Version 4.2.7 |
Priority: |
High |
Reporter: |
The class org.springframework.security.web.FilterChainProxy used by org.geoserver.security.GeoServerSecurityFilterChainProxy The proxy uses an instance of org.springframework.security.web.firewall.StrictHttpFirewall instead of org.springframework.security.web.firewall.DefaultHttpFirewall. The class StrictHttpFirewall disallows (as default ) the usage of special characters(dot,colon,…) in an URL. As a consequence the GeoServer Rest API cannot handle GeoServer objects ( layers, featuretypes,…) with a special character in their name. Btw, dots are required by INSPIRE. Restoring the original behavior can be done by adding the following bean definition <bean id=“defaultFirewall” class=“org.springframework.security.web.firewall.DefaultHttpFirewall”/> to applicationSecurityContext.xml Should I prepare a pull request for master and 2.14.x ? |
Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS |
|
This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100095-sha1:b32a154) |