==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

On Wed, Oct 19, 2016 at 12:22 PM, Mauro Bartolomeoli <mauro.bartolomeoli@anonymised.com> wrote:

Hi everybody,
I was asked by one of our customers to investigate if https://osgeo-org.atlassian.net/browse/GEOS-6189 is still current and if we can apply the patch that’s attached to the JIRA ticket.

Basically, they are experiencing some issues with single sign out.

I will try to explain what I have understood so far about the proposed patches.

First patch:

In GeoServerCasAuthenticationFilter there is some code to handle single sign out:

if (isLogoutRequest(httpReq)) {
if (singleSignOut) { // do we participate
LOGGER.info(“Single Sign Out received from CAS server → starting log out”);
handler.process(httpReq, httpRes);
LogoutFilterChain logOutChain = (LogoutFilterChain)

getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName(“webLogout”);
logOutChain.doLogout(getSecurityManager(), httpReq, httpRes,getName());

} else
LOGGER.info(“Single Sign Out received from CAS server → ignoring”);
return;
}

The handler.process(…) call is handling the CAS related logout, but it seems that doing that before calling the GeoServer logout chaing is the cause of issues, so we suggest to move the code this way:

if (isLogoutRequest(httpReq)) {
if (singleSignOut) { // do we participate
LOGGER.info(“Single Sign Out received from CAS server → starting log out”);
LogoutFilterChain logOutChain = (LogoutFilterChain)
getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName(“webLogout”);
logOutChain.doLogout(getSecurityManager(), httpReq, httpRes,getName());
handler.process(httpReq, httpRes);
} else
LOGGER.info(“Single Sign Out received from CAS server → ignoring”);
return;
}

This makes sense to me and I did some tests to see if it breaks the logout scenario, with no issues.

Second patch:

Another piece of code is registering the CAS token when available so that it can be used during the single logut procedure.

if (SecurityContextHolder.getContext().getAuthentication()!=null) {
HttpSession session = httpReq.getSession(false);

if (session !=null &&
session.getAttribute(GeoServerCasConstants.CAS_ASSERTION_KEY)!=null && singleSignOut) {
handler.process(httpReq, httpRes);

if (LOGGER.isLoggable(Level.INFO))
LOGGER.info("Record HTTP Session “+session.getId()+ " for CAS single sign out”);
}
}

The patch proposes to remove this piece of code, but in my opinion this is not correct, since then the single sign out procedure would not be able to find the token when needed.

My idea would be to apply only the first patch, and I will prepare a pull request for that. Is there any CAS expert out there that can give me advices on this?

Thanks
Mauro

–

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

---

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

---

Check out the vibrant tech community on one of the world’s most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

---

Geoserver-devel mailing list
Geoserver-devel@anonymised.com.366…sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

2016-10-20 9:20 GMT+02:00 Christian Mueller <christian.mueller@anonymised.com>:

Hi Mauro

I tested the first patch in my online test environment → no issues, seems to be correct.

The second patch is not up to date, the code does not contain a call

getHandler().recordSession(httpReq);

I think we should apply the first patch.

Christian

–

On Wed, Oct 19, 2016 at 12:22 PM, Mauro Bartolomeoli <mauro.bartolomeoli@anonymised.comsolutions.it> wrote:

Hi everybody,
I was asked by one of our customers to investigate if https://osgeo-org.atlassian.net/browse/GEOS-6189 is still current and if we can apply the patch that’s attached to the JIRA ticket.

Basically, they are experiencing some issues with single sign out.

I will try to explain what I have understood so far about the proposed patches.

First patch:

In GeoServerCasAuthenticationFilter there is some code to handle single sign out:

if (isLogoutRequest(httpReq)) {
if (singleSignOut) { // do we participate
LOGGER.info(“Single Sign Out received from CAS server → starting log out”);
handler.process(httpReq, httpRes);
LogoutFilterChain logOutChain = (LogoutFilterChain)

getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName(“webLogout”);
logOutChain.doLogout(getSecurityManager(), httpReq, httpRes,getName());

} else
LOGGER.info(“Single Sign Out received from CAS server → ignoring”);
return;
}

The handler.process(…) call is handling the CAS related logout, but it seems that doing that before calling the GeoServer logout chaing is the cause of issues, so we suggest to move the code this way:

if (isLogoutRequest(httpReq)) {
if (singleSignOut) { // do we participate
LOGGER.info(“Single Sign Out received from CAS server → starting log out”);
LogoutFilterChain logOutChain = (LogoutFilterChain)
getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName(“webLogout”);
logOutChain.doLogout(getSecurityManager(), httpReq, httpRes,getName());
handler.process(httpReq, httpRes);
} else
LOGGER.info(“Single Sign Out received from CAS server → ignoring”);
return;
}

This makes sense to me and I did some tests to see if it breaks the logout scenario, with no issues.

Second patch:

Another piece of code is registering the CAS token when available so that it can be used during the single logut procedure.

if (SecurityContextHolder.getContext().getAuthentication()!=null) {
HttpSession session = httpReq.getSession(false);

if (session !=null &&
session.getAttribute(GeoServerCasConstants.CAS_ASSERTION_KEY)!=null && singleSignOut) {
handler.process(httpReq, httpRes);

if (LOGGER.isLoggable(Level.INFO))
LOGGER.info("Record HTTP Session “+session.getId()+ " for CAS single sign out”);
}
}

The patch proposes to remove this piece of code, but in my opinion this is not correct, since then the single sign out procedure would not be able to find the token when needed.

My idea would be to apply only the first patch, and I will prepare a pull request for that. Is there any CAS expert out there that can give me advices on this?

Thanks
Mauro

–

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

---

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

---

Check out the vibrant tech community on one of the world’s most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

---

Geoserver-devel mailing list
Geoserver-devel@anonymised.comrge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

On Thu, Oct 20, 2016 at 12:20 PM, Mauro Bartolomeoli <mauro.bartolomeoli@anonymised.com> wrote:

Hi Christian and all,
I prepared the related (trivial) pull request here: https://github.com/geoserver/geoserver/pull/1899

Mauro

–

2016-10-20 9:20 GMT+02:00 Christian Mueller <christian.mueller@anonymised.comsolutions.at>:

Hi Mauro

I tested the first patch in my online test environment → no issues, seems to be correct.

The second patch is not up to date, the code does not contain a call

getHandler().recordSession(httpReq);

I think we should apply the first patch.

Christian

–

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

On Wed, Oct 19, 2016 at 12:22 PM, Mauro Bartolomeoli <mauro.bartolomeoli@anonymised.comons.it> wrote:

Hi everybody,
I was asked by one of our customers to investigate if https://osgeo-org.atlassian.net/browse/GEOS-6189 is still current and if we can apply the patch that’s attached to the JIRA ticket.

Basically, they are experiencing some issues with single sign out.

I will try to explain what I have understood so far about the proposed patches.

First patch:

In GeoServerCasAuthenticationFilter there is some code to handle single sign out:

if (isLogoutRequest(httpReq)) {
if (singleSignOut) { // do we participate
LOGGER.info(“Single Sign Out received from CAS server → starting log out”);
handler.process(httpReq, httpRes);
LogoutFilterChain logOutChain = (LogoutFilterChain)

getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName(“webLogout”);
logOutChain.doLogout(getSecurityManager(), httpReq, httpRes,getName());

} else
LOGGER.info(“Single Sign Out received from CAS server → ignoring”);
return;
}

The handler.process(…) call is handling the CAS related logout, but it seems that doing that before calling the GeoServer logout chaing is the cause of issues, so we suggest to move the code this way:

if (isLogoutRequest(httpReq)) {
if (singleSignOut) { // do we participate
LOGGER.info(“Single Sign Out received from CAS server → starting log out”);
LogoutFilterChain logOutChain = (LogoutFilterChain)
getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName(“webLogout”);
logOutChain.doLogout(getSecurityManager(), httpReq, httpRes,getName());
handler.process(httpReq, httpRes);
} else
LOGGER.info(“Single Sign Out received from CAS server → ignoring”);
return;
}

This makes sense to me and I did some tests to see if it breaks the logout scenario, with no issues.

Second patch:

Another piece of code is registering the CAS token when available so that it can be used during the single logut procedure.

if (SecurityContextHolder.getContext().getAuthentication()!=null) {
HttpSession session = httpReq.getSession(false);

if (session !=null &&
session.getAttribute(GeoServerCasConstants.CAS_ASSERTION_KEY)!=null && singleSignOut) {
handler.process(httpReq, httpRes);

if (LOGGER.isLoggable(Level.INFO))
LOGGER.info("Record HTTP Session “+session.getId()+ " for CAS single sign out”);
}
}

The patch proposes to remove this piece of code, but in my opinion this is not correct, since then the single sign out procedure would not be able to find the token when needed.

My idea would be to apply only the first patch, and I will prepare a pull request for that. Is there any CAS expert out there that can give me advices on this?

Thanks
Mauro

–

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

---

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

---

Check out the vibrant tech community on one of the world’s most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

---

Geoserver-devel mailing list
Geoserver-devel@anonymised.comrge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

–

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

2016-10-20 12:36 GMT+02:00 Christian Mueller <christian.mueller@anonymised.com>:

Please merge

Done.

A backport would be nice.

2.10, 2.9, 2.8 is ok?

Mauro

–

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

On Thu, Oct 20, 2016 at 1:04 PM, Mauro Bartolomeoli <mauro.bartolomeoli@anonymised.com> wrote:

Hi,

–

2016-10-20 12:36 GMT+02:00 Christian Mueller <christian.mueller@anonymised.comsolutions.at>:

Please merge

Done.

A backport would be nice.

2.10, 2.9, 2.8 is ok?

Mauro

–

==

GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.

Dott. Mauro Bartolomeoli
@mauro_bart
Senior Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A

55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH