Could you share the details on how you extended the security configuration files
to put in them the info about the allowed bbox ?
I had to use many dataSource (like xml,bdd and ldap) and our right extended (layer,bbox(s),service,request,filters etc are linked together in the geoRM) so I wrote my own system and I think it would not be usefull for you.
I didn’t use properties file like in org.geoserver.security.DefaultDataAccessManager in order to correct the problem with ‘.’ in coordinate, I used xml (and avoid properties files). I created DTOs (my own enveloppe) and for serialization/deserialization I used Xstream (which is in geoserver too):
If you want one Bbox for one role and layer: (with xstream and alias you have object direcly:)
test
-8236345.031824412
-8236346.031824412
4968280.5516899815
4971290.776477601
EPSG:900913
</right
auth = (Authentication) SecurityContextHolder
.getContext().getAuthentication();
protected int vote(org.geoserver.platform.Operation op, Authentication user) {
GetMapRequest getMapRequest = (GetMapRequest) op.getParameters()[0];
MapLayerInfo layersInfo = getMapRequest.getLayers();
org.geotools.geometry.jts.ReferencedEnvelope env = new ReferencedEnvelope(
getMapRequest.getBbox(), getMapRequest.getCrs());
MyBbox bbox=bboxManagerOrDao(auth.getGrantedAuthorities()[0],layersInfo[0]);
ReferencedEnvelope env2=new ReferencedEnvelope(bbox.getX1(),bbox.getX1() , bbox.getX1() , bbox.getX1() ,bbox.getCRS());
env2=env2.transform(getMapRequest.getCrs(), true);
boolean isIn=env2.contains((BoundingBox)env));
…
Fabien