https://github.com/geoserver/geoserver/wiki/GSIP-159
GeoServer currently uses a rather ugly and brittle mechanism to apply
data security (Certain users should only be able to view certain layers
or certain parts of layers) to the service endpoints of its internal GWC
instance.
This proposal is to add an API to GeoWebCache to do security checks
which GeoServer can extend to apply its own security rules deeper inside
GWC, after the service endpoints have parsed the request into a
universal Conveyor object.
Filter to check that the request is allowed.
|interface SecurityFilter { public void checkSecurity(TileLayer layer,
BoundingBox extent, SRS srs, Object securityContext) throws
SecurityException; } |
Extension point that the |GeoWebCacheDispatcher| can call to generate
appropriate security context object to be stored on the resulting |Conveyor|
|interface SecurityContextProvider<Context> { public Context
getSecurityContext(HttpRequest request) } |
Add accessors for a |securityContext| property to |Conveyor|.
|GeoWebCacheDispatcher| calls |Service.getConveyor| to get a |Conveyor|,
then handles it. The context would be attached in between those steps.
|conv = service.getConveyor(request, response); securityContext =
securityContextProvider.getSecurityContext(request);
conv.setSecurityContext(securityContext); |
Add a |SecurityException| class. Allow it to wrap another exception so
it can wrap the GeoServer one, which might then be extracted if need be.
Amend method signatures to allow throwing this exception.
--
Kevin Michael Smith
<smit...@draconic.ca>
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
