Re: [Geoserver-users] outputformat getfeature 2.0.0 (2.13.1)

2018-06-07 Thread Ben Caradoc-Davies 

On 08/06/18 11:24, Ben Caradoc-Davies wrote:
Nuno, was this intended? Should a different GML 3.2 Content-Type 
specified in outputformat override the WFS GML 3.2 Content-Type settings 
if it matches a supported option? No doubt users specifying 
outputformat=gml32 will not expect "Content-Type: gml32", but the 
behaviour could be different for outputformat "text/xml; 
subtype=gml/3.2" or "text/xml".


"text/xml" alone will never work because then GeoServer will not be able 
to determine the GML version.


Kind regards,

--
Ben Caradoc-Davies 
Director
Transient Software Limited 
New Zealand

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] outputformat getfeature 2.0.0 (2.13.1)

2018-06-07 Thread Ben Caradoc-Davies 

Bart,

the default "Content-Type: application/gml+xml; version=3.2" is required 
by the WFS 2.0 standard:


http://docs.opengeospatial.org/is/09-025r2/09-025r2.html#52
"The optional outputFormat parameter specifies the format used to encode 
resources in the response to a query operation. The default value is 
"application/gml+xml; version=3.2" indicating that resources in the 
response document shall be encoded using GML (see ISO 19136:2007)."


You can set a different value in the WFS settings if you prefer the old 
non-standard-compliant behaviour:

http://docs.geoserver.org/latest/en/user/services/wfs/webadmin.html#override-gml-3-2-mime-type

It also looks from your report that you would like the option to be able 
to request a text/xml Content-Type for GML 3.2 regardless of this 
setting. I do not think GeoServer supports this because it chooses the 
language from outputformat (GML 3.2, GML 3.1, GeoJSON, ...) and then, 
for GML 3.2, the corresponding Content-Type from the WFS settings, which 
will not match the behaviour you expect.


Nuno, was this intended? Should a different GML 3.2 Content-Type 
specified in outputformat override the WFS GML 3.2 Content-Type settings 
if it matches a supported option? No doubt users specifying 
outputformat=gml32 will not expect "Content-Type: gml32", but the 
behaviour could be different for outputformat "text/xml; 
subtype=gml/3.2" or "text/xml".


Kind regards,
Ben.

On 08/06/18 02:09, Verbeeck Bart (AIV) wrote:

Dear List

Why is the default outputformat for a wfs (2.0.0) request in version 2.13.1 
"Content-Type: application/gml+xml; version=3.2"

It used to be (2.11.1 for instance) "Content-Type: text/xml; subtype=gml/3.2"

Even if I ask for "text/xml; subtype=gml/3.2", I receive application/gml+xml; 
version=3.2

Thanks for the info

Bart

-Original Message-
From: Nuno Oliveira [mailto:nuno.olive...@geo-solutions.it]
Sent: donderdag 7 juni 2018 9:40
To: geoserver-users@lists.sourceforge.net
Subject: Re: [Geoserver-users] Geoserver WFS 2.0 combined with app-schema

Good point Ben, thanks for the heads up !

On 06/07/2018 01:07 AM, Ben Caradoc-Davies wrote:

On 07/06/18 08:37, Nuno Oliveira wrote:

Regarding this request you are asking for GML3 ... which implies WFS
1.1.0 and GML 3 schemas. Your target INSPIRE schema uses GML32, so
you should request for GML32 output IMHO:
https://geo.sv.rostock.de/inspire/us-govserv-schools/ows?service=WFS&;
version=2.0.0&request=GetFeature&typeNames=us-govserv-schools:Governm
entalService&*outputFormat=gml32*&maxFeatures=1



Tim,

in my email client, viewing as plain text, this URL contains "*" for
bold around "outputFormat=gml32". Be sure to remove these if your
email client adds them.  :-)

Kind regards,



--
Regards,
Nuno Oliveira
==
GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.
==

Nuno Miguel Carvalho Oliveira
@nmcoliveira
Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax:  +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

---

Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 
2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa 
che ogni circostanza inerente alla presente email (il suo contenuto, gli 
eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i 
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per 
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita.
Le sarei comunque grato se potesse darmene notizia.

This email is intended only for the person or entity to which it is addressed 
and may contain information that is privileged, confidential or otherwise 
protected from disclosure. We remind that - as provided by European Regulation 
2016/679 “GDPR” - copying, dissemination or use of this e-mail or the 
information herein by anyone other than the intended recipient is prohibited. 
If you have received this email by mistake, please notify us immediately by 
telephone or e-mail.


--
Check out the vibrant tech community on one of the world's most engaging tech 
sites, Slashdot.org! http://sdm.link/slashdot 
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sour

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread mark 

On 06/07/18 22:27, Joe Murphy wrote:


https://github.com/jeremylong/DependencyCheck

I've been running this Owasp DependencyCheck for about a year on various 
projects, it can be as easy as adding the following to the travis or 
jenkins file:


mvn org.owasp:dependency-check-maven:aggregate -Dformat=ALL 
-DsuppressionFile=./.mvn/owasp-suppression.xml


eg. https://github.com/B3Partners/brmo/blob/master/Jenkinsfile#L118

and adding the following to the plugingManagment section of the parent 
pom file:



    
    
    org.owasp
dependency-check-maven
    3.2.1
    
    ...


eg. https://github.com/B3Partners/brmo/blob/master/pom.xml#L884-L888

probably you'll want to set up a suppression file to catch false 
positives like 
https://github.com/B3Partners/brmo/blob/master/.mvn/owasp-suppression.xml
I have suppressions in place for CVE-2015-6737 in gt-swing and 
CVE-2005-0406 in gt-coverage.


I have a similar setup in https://github.com/flamingo-geocms/flamingo

hth, Mark
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Jim Hughes 

Hi all,

Apologies for not reading more carefully.  Looks like 
https://github.com/OSSIndex/ossindex-maven-plugin and the 
DependencyCheck plugin are the winners for the Maven ecosystem.


Andrea, other PSCers, I got interested in the plugins, and have fiddled 
with them some this afternoon.  I'm going to volunteer some time later 
this month to work on JTS.  I could be up for working on some of this 
with Jody.


Cheers,

Jim

On 06/07/2018 04:27 PM, Joe Murphy wrote:
Sounds like you guys have a solution. But, here's some links, one that 
looks like it could plugin to your Atlassian Suite, and one that looks 
like it may answer the Maven question that Jim asked.


https://techbeacon.com/13-tools-checking-security-risk-open-source-dependencies-0

https://github.com/jeremylong/DependencyCheck

Hope I helped more than got in the way.

Joe

On Thu, Jun 7, 2018 at 7:57 PM, Andrea Aime 
mailto:andrea.a...@geo-solutions.it>> 
wrote:


Hi Jim,
Dave already suggested an approach.. that should not be too hard,
maybe setting up a Jenkins build
that reports only to the PSC... that's not the problem, it's a one
time thing.

It's upgrading the libraries that will be trouble, we depend on
various old ones, we tried to organize
a code sprint with many devs, but failed to get it going (when
Jody proposed to do 2 or 3 sprints
on different topics everybody looked elsewhere, it was just not
serious, finding time for one co-located
sprint a year is already hard enough).

My hope is that commons-fileupload will be a seamless upgrade, but
in general, we'll need a concerted
effort, various devs for one week, to get widespread upgrades
going (e.g., many of the libs we're using
have done API or format breaking changes, it will not be a simple
"change the dep and rebuid" gig).

Cheers
Andrea


On Thu, Jun 7, 2018 at 8:43 PM, Jim Hughes mailto:jhug...@ccri.com>> wrote:

Hi Joe,

The GitHub security alerts seem to only be available for
JavaScript and Ruby.

Is there a scanner which would work with a Maven/JVM project
that you can recommend?

Cheers,

Jim


On 06/07/2018 02:18 PM, Joe Murphy wrote:

Not to try and start a huge discussion; but since the cat is
out of the bag so to speak, I also knew of this quite some
time(1year+) ago. I don't have the resources to add bugs to
the JIRA, but I was able to find/fix locally very easily
(what you do with open source). I guess I was wondering if
you guys are scanning with any of the free tools, including
the one right on Github that would have spotted this and others.


https://blog.github.com/2017-11-16-introducing-security-alerts-on-github/



I used a tool called Twistlock which is a container scanner;
but it draws from the same NVD database as the free and
Github scanners.

All the best,
Joe

On Thu, Jun 7, 2018 at 5:56 PM, Andrea Aime
mailto:andrea.a...@geo-solutions.it>> wrote:

Hi Chris,
yes, master. Much appreciated!

Cheers
Andrea

On Thu, Jun 7, 2018 at 4:36 PM, Chris Snider
mailto:chris.sni...@polarisalpha.com>> wrote:

I can try to do that this weekend.  I assume master?

Chris Snider

Senior Software Engineer

cid:image001.png@01D2E6A5.9104F820

*From:* andrea.a...@gmail.com

[mailto:andrea.a...@gmail.com
] *On Behalf Of *Andrea
Aime
*Sent:* Thursday, June 07, 2018 8:25 AM
*To:* Chris Snider mailto:chris.sni...@polarisalpha.com>>
*Cc:* Dave Wichers mailto:dave.wich...@ey.com>>;
geoserver-users@lists.sourceforge.net



*Subject:* Re: [Geoserver-users] Known vulnerability
in commons-fileupload v1.2.1, used by geoserver

Hi Chris,

that's a sensible suggestion. The web site is on
gihub, any chance you could do a pull request? I'm
swamped...

https://github.com/geoserver/geoserver.github.io


Cheers

Andrea

On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider
mailto:chris.sni...@polarisalpha.com>> wrote:

Andrea,

It took me a second to find the security block. 
I completely overlooked the blue field.

Maybe add a new header under th

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Joe Murphy 
Sounds like you guys have a solution. But, here's some links, one that
looks like it could plugin to your Atlassian Suite, and one that looks like
it may answer the Maven question that Jim asked.

https://techbeacon.com/13-tools-checking-security-risk-open-source-dependencies-0

https://github.com/jeremylong/DependencyCheck

Hope I helped more than got in the way.

Joe

On Thu, Jun 7, 2018 at 7:57 PM, Andrea Aime 
wrote:

> Hi Jim,
> Dave already suggested an approach.. that should not be too hard, maybe
> setting up a Jenkins build
> that reports only to the PSC... that's not the problem, it's a one time
> thing.
>
> It's upgrading the libraries that will be trouble, we depend on various
> old ones, we tried to organize
> a code sprint with many devs, but failed to get it going (when Jody
> proposed to do 2 or 3 sprints
> on different topics everybody looked elsewhere, it was just not serious,
> finding time for one co-located
> sprint a year is already hard enough).
>
> My hope is that commons-fileupload will be a seamless upgrade, but in
> general, we'll need a concerted
> effort, various devs for one week, to get widespread upgrades going (e.g.,
> many of the libs we're using
> have done API or format breaking changes, it will not be a simple "change
> the dep and rebuid" gig).
>
> Cheers
> Andrea
>
>
> On Thu, Jun 7, 2018 at 8:43 PM, Jim Hughes  wrote:
>
>> Hi Joe,
>>
>> The GitHub security alerts seem to only be available for JavaScript and
>> Ruby.
>>
>> Is there a scanner which would work with a Maven/JVM project that you can
>> recommend?
>>
>> Cheers,
>>
>> Jim
>>
>>
>> On 06/07/2018 02:18 PM, Joe Murphy wrote:
>>
>> Not to try and start a huge discussion; but since the cat is out of the
>> bag so to speak, I also knew of this quite some time(1year+) ago. I don't
>> have the resources to add bugs to the JIRA, but I was able to find/fix
>> locally very easily (what you do with open source). I guess I was wondering
>> if you guys are scanning with any of the free tools, including the one
>> right on Github that would have spotted this and others.
>>
>> https://blog.github.com/2017-11-16-introducing-security-alerts-on-github/
>>
>> I used a tool called Twistlock which is a container scanner; but it draws
>> from the same NVD database as the free and Github scanners.
>>
>> All the best,
>> Joe
>>
>> On Thu, Jun 7, 2018 at 5:56 PM, Andrea Aime > > wrote:
>>
>>> Hi Chris,
>>> yes, master. Much appreciated!
>>>
>>> Cheers
>>> Andrea
>>>
>>> On Thu, Jun 7, 2018 at 4:36 PM, Chris Snider <
>>> chris.sni...@polarisalpha.com> wrote:
>>>
 I can try to do that this weekend.  I assume master?



 Chris Snider

 Senior Software Engineer

 [image: cid:image001.png@01D2E6A5.9104F820]



 *From:* andrea.a...@gmail.com [mailto:andrea.a...@gmail.com] *On
 Behalf Of *Andrea Aime
 *Sent:* Thursday, June 07, 2018 8:25 AM
 *To:* Chris Snider 
 *Cc:* Dave Wichers ;
 geoserver-users@lists.sourceforge.net

 *Subject:* Re: [Geoserver-users] Known vulnerability in
 commons-fileupload v1.2.1, used by geoserver



 Hi Chris,

 that's a sensible suggestion. The web site is on gihub, any chance you
 could do a pull request? I'm swamped...



 https://github.com/geoserver/geoserver.github.io



 Cheers

 Andrea





 On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider <
 chris.sni...@polarisalpha.com> wrote:

 Andrea,



 It took me a second to find the security block.  I completely
 overlooked the blue field.



 Maybe add a new header under the “User List”

 User List

 This list is for end users blah blah blah



 Reporting Security Vulnerabilities

 If you encounter a security vulnerability blah blah blah



 Posting Guidelines

 Please read through etc. etc. etc.

 Thought I’d say blah again didn’t you



 Developer Lists

 The rest of the page, and so on







 This might draw attention?



 Chris Snider

 Senior Software Engineer

 [image: cid:image001.png@01D2E6A5.9104F820]



 *From:* Andrea Aime [mailto:andrea.a...@geo-solutions.it]
 *Sent:* Thursday, June 07, 2018 12:23 AM
 *To:* Dave Wichers 
 *Cc:* geoserver-users@lists.sourceforge.net
 *Subject:* Re: [Geoserver-users] Known vulnerability in
 commons-fileupload v1.2.1, used by geoserver



 The comm page, where I believe you found info on registering for the
 user list,

 has a clear warning not to post security vulnerabilities:



 http://geoserver.org/comm/



 "If you encounter a security vulnerability in GeoServer please take
 care to report the issue in a responsible fashion. Do not use the mai

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Andrea Aime 
Hi Jim,
Dave already suggested an approach.. that should not be too hard, maybe
setting up a Jenkins build
that reports only to the PSC... that's not the problem, it's a one time
thing.

It's upgrading the libraries that will be trouble, we depend on various old
ones, we tried to organize
a code sprint with many devs, but failed to get it going (when Jody
proposed to do 2 or 3 sprints
on different topics everybody looked elsewhere, it was just not serious,
finding time for one co-located
sprint a year is already hard enough).

My hope is that commons-fileupload will be a seamless upgrade, but in
general, we'll need a concerted
effort, various devs for one week, to get widespread upgrades going (e.g.,
many of the libs we're using
have done API or format breaking changes, it will not be a simple "change
the dep and rebuid" gig).

Cheers
Andrea


On Thu, Jun 7, 2018 at 8:43 PM, Jim Hughes  wrote:

> Hi Joe,
>
> The GitHub security alerts seem to only be available for JavaScript and
> Ruby.
>
> Is there a scanner which would work with a Maven/JVM project that you can
> recommend?
>
> Cheers,
>
> Jim
>
>
> On 06/07/2018 02:18 PM, Joe Murphy wrote:
>
> Not to try and start a huge discussion; but since the cat is out of the
> bag so to speak, I also knew of this quite some time(1year+) ago. I don't
> have the resources to add bugs to the JIRA, but I was able to find/fix
> locally very easily (what you do with open source). I guess I was wondering
> if you guys are scanning with any of the free tools, including the one
> right on Github that would have spotted this and others.
>
> https://blog.github.com/2017-11-16-introducing-security-alerts-on-github/
>
> I used a tool called Twistlock which is a container scanner; but it draws
> from the same NVD database as the free and Github scanners.
>
> All the best,
> Joe
>
> On Thu, Jun 7, 2018 at 5:56 PM, Andrea Aime 
> wrote:
>
>> Hi Chris,
>> yes, master. Much appreciated!
>>
>> Cheers
>> Andrea
>>
>> On Thu, Jun 7, 2018 at 4:36 PM, Chris Snider <
>> chris.sni...@polarisalpha.com> wrote:
>>
>>> I can try to do that this weekend.  I assume master?
>>>
>>>
>>>
>>> Chris Snider
>>>
>>> Senior Software Engineer
>>>
>>> [image: cid:image001.png@01D2E6A5.9104F820]
>>>
>>>
>>>
>>> *From:* andrea.a...@gmail.com [mailto:andrea.a...@gmail.com] *On Behalf
>>> Of *Andrea Aime
>>> *Sent:* Thursday, June 07, 2018 8:25 AM
>>> *To:* Chris Snider 
>>> *Cc:* Dave Wichers ; geoserver-users@lists.sourcefo
>>> rge.net
>>>
>>> *Subject:* Re: [Geoserver-users] Known vulnerability in
>>> commons-fileupload v1.2.1, used by geoserver
>>>
>>>
>>>
>>> Hi Chris,
>>>
>>> that's a sensible suggestion. The web site is on gihub, any chance you
>>> could do a pull request? I'm swamped...
>>>
>>>
>>>
>>> https://github.com/geoserver/geoserver.github.io
>>>
>>>
>>>
>>> Cheers
>>>
>>> Andrea
>>>
>>>
>>>
>>>
>>>
>>> On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider <
>>> chris.sni...@polarisalpha.com> wrote:
>>>
>>> Andrea,
>>>
>>>
>>>
>>> It took me a second to find the security block.  I completely overlooked
>>> the blue field.
>>>
>>>
>>>
>>> Maybe add a new header under the “User List”
>>>
>>> User List
>>>
>>> This list is for end users blah blah blah
>>>
>>>
>>>
>>> Reporting Security Vulnerabilities
>>>
>>> If you encounter a security vulnerability blah blah blah
>>>
>>>
>>>
>>> Posting Guidelines
>>>
>>> Please read through etc. etc. etc.
>>>
>>> Thought I’d say blah again didn’t you
>>>
>>>
>>>
>>> Developer Lists
>>>
>>> The rest of the page, and so on
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> This might draw attention?
>>>
>>>
>>>
>>> Chris Snider
>>>
>>> Senior Software Engineer
>>>
>>> [image: cid:image001.png@01D2E6A5.9104F820]
>>>
>>>
>>>
>>> *From:* Andrea Aime [mailto:andrea.a...@geo-solutions.it]
>>> *Sent:* Thursday, June 07, 2018 12:23 AM
>>> *To:* Dave Wichers 
>>> *Cc:* geoserver-users@lists.sourceforge.net
>>> *Subject:* Re: [Geoserver-users] Known vulnerability in
>>> commons-fileupload v1.2.1, used by geoserver
>>>
>>>
>>>
>>> The comm page, where I believe you found info on registering for the
>>> user list,
>>>
>>> has a clear warning not to post security vulnerabilities:
>>>
>>>
>>>
>>> http://geoserver.org/comm/
>>>
>>>
>>>
>>> "If you encounter a security vulnerability in GeoServer please take care
>>> to report the issue in a responsible fashion. Do not use the mailing list,
>>> go intead to the Jira bug tracker instead and follow the "Responsible
>>> disclosure" instructions there."
>>>
>>>
>>>
>>> How do we make it more plain and evident so that grave mistakes do not
>>> occur anymore in the future?
>>>
>>> Maybe we should switch the background color of that box to red...
>>>
>>>
>>>
>>> Regards
>>>
>>> Andrea
>>>
>>>
>>>
>>> 
>>>
>>>
>>>
>>>
>>>
>>> --
>>>
>>> Regards, Andrea Aime == GeoServer Professional Services from the
>>> experts! Visit http://goo.gl/it488V for more information. == Ing.
>>> Andrea Aime @geowolf Technical Lead GeoSolutions S.A.S. Via di
>>> Montramito 3/A 55054 Ma

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Jim Hughes 

Hi Joe,

The GitHub security alerts seem to only be available for JavaScript and 
Ruby.


Is there a scanner which would work with a Maven/JVM project that you 
can recommend?


Cheers,

Jim

On 06/07/2018 02:18 PM, Joe Murphy wrote:
Not to try and start a huge discussion; but since the cat is out of 
the bag so to speak, I also knew of this quite some time(1year+) ago. 
I don't have the resources to add bugs to the JIRA, but I was able to 
find/fix locally very easily (what you do with open source). I guess I 
was wondering if you guys are scanning with any of the free tools, 
including the one right on Github that would have spotted this and 
others.


https://blog.github.com/2017-11-16-introducing-security-alerts-on-github/

I used a tool called Twistlock which is a container scanner; but it 
draws from the same NVD database as the free and Github scanners.


All the best,
Joe

On Thu, Jun 7, 2018 at 5:56 PM, Andrea Aime 
mailto:andrea.a...@geo-solutions.it>> 
wrote:


Hi Chris,
yes, master. Much appreciated!

Cheers
Andrea

On Thu, Jun 7, 2018 at 4:36 PM, Chris Snider
mailto:chris.sni...@polarisalpha.com>> wrote:

I can try to do that this weekend.  I assume master?

Chris Snider

Senior Software Engineer

cid:image001.png@01D2E6A5.9104F820

*From:* andrea.a...@gmail.com 
[mailto:andrea.a...@gmail.com ]
*On Behalf Of *Andrea Aime
*Sent:* Thursday, June 07, 2018 8:25 AM
*To:* Chris Snider mailto:chris.sni...@polarisalpha.com>>
*Cc:* Dave Wichers mailto:dave.wich...@ey.com>>;
geoserver-users@lists.sourceforge.net



*Subject:* Re: [Geoserver-users] Known vulnerability in
commons-fileupload v1.2.1, used by geoserver

Hi Chris,

that's a sensible suggestion. The web site is on gihub, any
chance you could do a pull request? I'm swamped...

https://github.com/geoserver/geoserver.github.io


Cheers

Andrea

On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider
mailto:chris.sni...@polarisalpha.com>> wrote:

Andrea,

It took me a second to find the security block.  I
completely overlooked the blue field.

Maybe add a new header under the “User List”

User List

This list is for end users blah blah blah

Reporting Security Vulnerabilities

If you encounter a security vulnerability blah blah blah

Posting Guidelines

Please read through etc. etc. etc.

Thought I’d say blah again didn’t you

Developer Lists

The rest of the page, and so on

This might draw attention?

Chris Snider

Senior Software Engineer

cid:image001.png@01D2E6A5.9104F820

*From:* Andrea Aime [mailto:andrea.a...@geo-solutions.it
]
*Sent:* Thursday, June 07, 2018 12:23 AM
*To:* Dave Wichers mailto:dave.wich...@ey.com>>
*Cc:* geoserver-users@lists.sourceforge.net

*Subject:* Re: [Geoserver-users] Known vulnerability in
commons-fileupload v1.2.1, used by geoserver

The comm page, where I believe you found info on
registering for the user list,

has a clear warning not to post security vulnerabilities:

http://geoserver.org/comm/

"If you encounter a security vulnerability in GeoServer
please take care to report the issue in a responsible
fashion. Do not use the mailing list, go intead to the
Jira bug tracker instead and follow the "Responsible
disclosure" instructions there."

How do we make it more plain and evident so that grave
mistakes do not occur anymore in the future?

Maybe we should switch the background color of that box to
red...

Regards

Andrea





-- 


Regards, Andrea Aime == GeoServer Professional Services from
the experts! Visit http://goo.gl/it488V for more information.
== Ing. Andrea Aime @geowolf Technical Lead GeoSolutions
S.A.S. Via di Montramito 3/A 55054 Massarosa


(LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339
8844549 http://www.geo-solutions.it
http://twitter.com/geosolutions_it

--- /Con
riferimento alla normativa sul tratta

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Joe Murphy 
Not to try and start a huge discussion; but since the cat is out of the bag
so to speak, I also knew of this quite some time(1year+) ago. I don't have
the resources to add bugs to the JIRA, but I was able to find/fix locally
very easily (what you do with open source). I guess I was wondering if you
guys are scanning with any of the free tools, including the one right on
Github that would have spotted this and others.

https://blog.github.com/2017-11-16-introducing-security-alerts-on-github/

I used a tool called Twistlock which is a container scanner; but it draws
from the same NVD database as the free and Github scanners.

All the best,
Joe

On Thu, Jun 7, 2018 at 5:56 PM, Andrea Aime 
wrote:

> Hi Chris,
> yes, master. Much appreciated!
>
> Cheers
> Andrea
>
> On Thu, Jun 7, 2018 at 4:36 PM, Chris Snider <
> chris.sni...@polarisalpha.com> wrote:
>
>> I can try to do that this weekend.  I assume master?
>>
>>
>>
>> Chris Snider
>>
>> Senior Software Engineer
>>
>> [image: cid:image001.png@01D2E6A5.9104F820]
>>
>>
>>
>> *From:* andrea.a...@gmail.com [mailto:andrea.a...@gmail.com] *On Behalf
>> Of *Andrea Aime
>> *Sent:* Thursday, June 07, 2018 8:25 AM
>> *To:* Chris Snider 
>> *Cc:* Dave Wichers ; geoserver-users@lists.sourcefo
>> rge.net
>>
>> *Subject:* Re: [Geoserver-users] Known vulnerability in
>> commons-fileupload v1.2.1, used by geoserver
>>
>>
>>
>> Hi Chris,
>>
>> that's a sensible suggestion. The web site is on gihub, any chance you
>> could do a pull request? I'm swamped...
>>
>>
>>
>> https://github.com/geoserver/geoserver.github.io
>>
>>
>>
>> Cheers
>>
>> Andrea
>>
>>
>>
>>
>>
>> On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider <
>> chris.sni...@polarisalpha.com> wrote:
>>
>> Andrea,
>>
>>
>>
>> It took me a second to find the security block.  I completely overlooked
>> the blue field.
>>
>>
>>
>> Maybe add a new header under the “User List”
>>
>> User List
>>
>> This list is for end users blah blah blah
>>
>>
>>
>> Reporting Security Vulnerabilities
>>
>> If you encounter a security vulnerability blah blah blah
>>
>>
>>
>> Posting Guidelines
>>
>> Please read through etc. etc. etc.
>>
>> Thought I’d say blah again didn’t you
>>
>>
>>
>> Developer Lists
>>
>> The rest of the page, and so on
>>
>>
>>
>>
>>
>>
>>
>> This might draw attention?
>>
>>
>>
>> Chris Snider
>>
>> Senior Software Engineer
>>
>> [image: cid:image001.png@01D2E6A5.9104F820]
>>
>>
>>
>> *From:* Andrea Aime [mailto:andrea.a...@geo-solutions.it]
>> *Sent:* Thursday, June 07, 2018 12:23 AM
>> *To:* Dave Wichers 
>> *Cc:* geoserver-users@lists.sourceforge.net
>> *Subject:* Re: [Geoserver-users] Known vulnerability in
>> commons-fileupload v1.2.1, used by geoserver
>>
>>
>>
>> The comm page, where I believe you found info on registering for the user
>> list,
>>
>> has a clear warning not to post security vulnerabilities:
>>
>>
>>
>> http://geoserver.org/comm/
>>
>>
>>
>> "If you encounter a security vulnerability in GeoServer please take care
>> to report the issue in a responsible fashion. Do not use the mailing list,
>> go intead to the Jira bug tracker instead and follow the "Responsible
>> disclosure" instructions there."
>>
>>
>>
>> How do we make it more plain and evident so that grave mistakes do not
>> occur anymore in the future?
>>
>> Maybe we should switch the background color of that box to red...
>>
>>
>>
>> Regards
>>
>> Andrea
>>
>>
>>
>> 
>>
>>
>>
>>
>>
>> --
>>
>> Regards, Andrea Aime == GeoServer Professional Services from the experts!
>> Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
>> @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
>> Massarosa
>> 
>> (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549
>> http://www.geo-solutions.it http://twitter.com/geosolutions_it
>> --- *Con riferimento
>> alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
>> Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
>> circostanza inerente alla presente email (il suo contenuto, gli eventuali
>> allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
>> destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
>> errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
>> sarei comunque grato se potesse darmene notizia. This email is intended
>> only for the person or entity to which it is addressed and may contain
>> information that is privileged, confidential or otherwise protected from
>> disclosure. We remind that - as provided by European Regulation 2016/679
>> “GDPR” - copying, dissemination or use of this e-mail or the information
>> herein by anyone other than the intended recipient is prohibited. If you
>> have received this email by mistake, please notify us immediately by
>> telephone or e-mail.*
>>
>
>
>
> --
>
> Regards, Andrea Aime

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Andrea Aime 
Hi Chris,
yes, master. Much appreciated!

Cheers
Andrea

On Thu, Jun 7, 2018 at 4:36 PM, Chris Snider 
wrote:

> I can try to do that this weekend.  I assume master?
>
>
>
> Chris Snider
>
> Senior Software Engineer
>
> [image: cid:image001.png@01D2E6A5.9104F820]
>
>
>
> *From:* andrea.a...@gmail.com [mailto:andrea.a...@gmail.com] *On Behalf
> Of *Andrea Aime
> *Sent:* Thursday, June 07, 2018 8:25 AM
> *To:* Chris Snider 
> *Cc:* Dave Wichers ; geoserver-users@lists.
> sourceforge.net
>
> *Subject:* Re: [Geoserver-users] Known vulnerability in
> commons-fileupload v1.2.1, used by geoserver
>
>
>
> Hi Chris,
>
> that's a sensible suggestion. The web site is on gihub, any chance you
> could do a pull request? I'm swamped...
>
>
>
> https://github.com/geoserver/geoserver.github.io
>
>
>
> Cheers
>
> Andrea
>
>
>
>
>
> On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider <
> chris.sni...@polarisalpha.com> wrote:
>
> Andrea,
>
>
>
> It took me a second to find the security block.  I completely overlooked
> the blue field.
>
>
>
> Maybe add a new header under the “User List”
>
> User List
>
> This list is for end users blah blah blah
>
>
>
> Reporting Security Vulnerabilities
>
> If you encounter a security vulnerability blah blah blah
>
>
>
> Posting Guidelines
>
> Please read through etc. etc. etc.
>
> Thought I’d say blah again didn’t you
>
>
>
> Developer Lists
>
> The rest of the page, and so on
>
>
>
>
>
>
>
> This might draw attention?
>
>
>
> Chris Snider
>
> Senior Software Engineer
>
> [image: cid:image001.png@01D2E6A5.9104F820]
>
>
>
> *From:* Andrea Aime [mailto:andrea.a...@geo-solutions.it]
> *Sent:* Thursday, June 07, 2018 12:23 AM
> *To:* Dave Wichers 
> *Cc:* geoserver-users@lists.sourceforge.net
> *Subject:* Re: [Geoserver-users] Known vulnerability in
> commons-fileupload v1.2.1, used by geoserver
>
>
>
> The comm page, where I believe you found info on registering for the user
> list,
>
> has a clear warning not to post security vulnerabilities:
>
>
>
> http://geoserver.org/comm/
>
>
>
> "If you encounter a security vulnerability in GeoServer please take care
> to report the issue in a responsible fashion. Do not use the mailing list,
> go intead to the Jira bug tracker instead and follow the "Responsible
> disclosure" instructions there."
>
>
>
> How do we make it more plain and evident so that grave mistakes do not
> occur anymore in the future?
>
> Maybe we should switch the background color of that box to red...
>
>
>
> Regards
>
> Andrea
>
>
>
> 
>
>
>
>
>
> --
>
> Regards, Andrea Aime == GeoServer Professional Services from the experts!
> Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
> @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
> Massarosa
> 
> (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549
> http://www.geo-solutions.it http://twitter.com/geosolutions_it
> --- *Con riferimento
> alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
> Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
> circostanza inerente alla presente email (il suo contenuto, gli eventuali
> allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
> destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
> errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
> sarei comunque grato se potesse darmene notizia. This email is intended
> only for the person or entity to which it is addressed and may contain
> information that is privileged, confidential or otherwise protected from
> disclosure. We remind that - as provided by European Regulation 2016/679
> “GDPR” - copying, dissemination or use of this e-mail or the information
> herein by anyone other than the intended recipient is prohibited. If you
> have received this email by mistake, please notify us immediately by
> telephone or e-mail.*
>



-- 

Regards, Andrea Aime == GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
@geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339
8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it
--- *Con riferimento
alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto, gli eventuali
allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
sarei comunque grato se potesse darmene notizia. This email is intended
only for the

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Chris Snider 
Andrea,

It took me a second to find the security block.  I completely overlooked the 
blue field.

Maybe add a new header under the “User List”
User List
This list is for end users blah blah blah

Reporting Security Vulnerabilities
If you encounter a security vulnerability blah blah blah

Posting Guidelines
Please read through etc. etc. etc.
Thought I’d say blah again didn’t you

Developer Lists
The rest of the page, and so on



This might draw attention?

Chris Snider
Senior Software Engineer
[cid:image001.png@01D2E6A5.9104F820]

From: Andrea Aime [mailto:andrea.a...@geo-solutions.it]
Sent: Thursday, June 07, 2018 12:23 AM
To: Dave Wichers 
Cc: geoserver-users@lists.sourceforge.net
Subject: Re: [Geoserver-users] Known vulnerability in commons-fileupload 
v1.2.1, used by geoserver

The comm page, where I believe you found info on registering for the user list,
has a clear warning not to post security vulnerabilities:

http://geoserver.org/comm/

"If you encounter a security vulnerability in GeoServer please take care to 
report the issue in a responsible fashion. Do not use the mailing list, go 
intead to the Jira bug tracker instead and follow the "Responsible disclosure" 
instructions there."

How do we make it more plain and evident so that grave mistakes do not occur 
anymore in the future?
Maybe we should switch the background color of that box to red...

Regards
Andrea


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] outputformat getfeature 2.0.0 (2.13.1)

2018-06-07 Thread Andrea Aime 
As far as I remember, the old format was not compliant with the WFS 2.0 OGC
specification and got fixed as a consequence.

Cheers
Andrea

On Thu, Jun 7, 2018 at 4:09 PM, Verbeeck Bart (AIV) <
bart.verbe...@kb.vlaanderen.be> wrote:

> Dear List
>
> Why is the default outputformat for a wfs (2.0.0) request in version
> 2.13.1 "Content-Type: application/gml+xml; version=3.2"
>
> It used to be (2.11.1 for instance) "Content-Type: text/xml;
> subtype=gml/3.2"
>
> Even if I ask for "text/xml; subtype=gml/3.2", I receive
> application/gml+xml; version=3.2
>
> Thanks for the info
>
> Bart
>
> -Original Message-
> From: Nuno Oliveira [mailto:nuno.olive...@geo-solutions.it]
> Sent: donderdag 7 juni 2018 9:40
> To: geoserver-users@lists.sourceforge.net
> Subject: Re: [Geoserver-users] Geoserver WFS 2.0 combined with app-schema
>
> Good point Ben, thanks for the heads up !
>
> On 06/07/2018 01:07 AM, Ben Caradoc-Davies wrote:
> > On 07/06/18 08:37, Nuno Oliveira wrote:
> >> Regarding this request you are asking for GML3 ... which implies WFS
> >> 1.1.0 and GML 3 schemas. Your target INSPIRE schema uses GML32, so
> >> you should request for GML32 output IMHO:
> >> https://geo.sv.rostock.de/inspire/us-govserv-schools/ows?service=WFS&;
> >> version=2.0.0&request=GetFeature&typeNames=us-govserv-schools:Governm
> >> entalService&*outputFormat=gml32*&maxFeatures=1
> >
> >
> > Tim,
> >
> > in my email client, viewing as plain text, this URL contains "*" for
> > bold around "outputFormat=gml32". Be sure to remove these if your
> > email client adds them.  :-)
> >
> > Kind regards,
> >
>
> --
> Regards,
> Nuno Oliveira
> ==
> GeoServer Professional Services from the experts!
> Visit http://goo.gl/it488V for more information.
> ==
>
> Nuno Miguel Carvalho Oliveira
> @nmcoliveira
> Software Engineer
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax:  +39 0584 1660272
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> ---
>
> Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE
> 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si
> precisa che ogni circostanza inerente alla presente email (il suo
> contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è
> riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il
> messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra
> operazione è illecita.
> Le sarei comunque grato se potesse darmene notizia.
>
> This email is intended only for the person or entity to which it is
> addressed and may contain information that is privileged, confidential or
> otherwise protected from disclosure. We remind that - as provided by
> European Regulation 2016/679 “GDPR” - copying, dissemination or use of this
> e-mail or the information herein by anyone other than the intended
> recipient is prohibited. If you have received this email by mistake, please
> notify us immediately by telephone or e-mail.
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most engaging
> tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Geoserver-users mailing list
>
> Please make sure you read the following two resources before posting to
> this list:
> - Earning your support instead of buying it, but Ian Turton:
> http://www.ianturton.com/talks/foss4g.html#/
> - The GeoServer user list posting guidelines: http://geoserver.org/comm/
> userlist-guidelines.html
>
> If you want to request a feature or an improvement, also see this:
> https://github.com/geoserver/geoserver/wiki/Successfully-
> requesting-and-integrating-new-features-and-improvements-in-GeoServer
>
>
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Geoserver-users mailing list
>
> Please make sure you read the following two resources before posting to
> this list:
> - Earning your support instead of buying it, but Ian Turton:
> http://www.ianturton.com/talks/foss4g.html#/
> - The GeoServer user list posting guidelines: http://geoserver.org/comm/
> userlist-guidelines.html
>
> If you want to request a feature or an improvement, also see this:
> https://github.com/geoserver/geoserver/wiki/Successfully-
> requesting-and-integrating-new-features-and-improvements-in-GeoServer
>
>
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>



-- 

Regards, Andrea Aime == GeoServer Professional Services from the experts!
Visit http://goo.

[Geoserver-users] outputformat getfeature 2.0.0 (2.13.1)

2018-06-07 Thread Verbeeck Bart (AIV) 
Dear List

Why is the default outputformat for a wfs (2.0.0) request in version 2.13.1 
"Content-Type: application/gml+xml; version=3.2"

It used to be (2.11.1 for instance) "Content-Type: text/xml; subtype=gml/3.2"

Even if I ask for "text/xml; subtype=gml/3.2", I receive application/gml+xml; 
version=3.2

Thanks for the info

Bart

-Original Message-
From: Nuno Oliveira [mailto:nuno.olive...@geo-solutions.it] 
Sent: donderdag 7 juni 2018 9:40
To: geoserver-users@lists.sourceforge.net
Subject: Re: [Geoserver-users] Geoserver WFS 2.0 combined with app-schema

Good point Ben, thanks for the heads up !

On 06/07/2018 01:07 AM, Ben Caradoc-Davies wrote:
> On 07/06/18 08:37, Nuno Oliveira wrote:
>> Regarding this request you are asking for GML3 ... which implies WFS 
>> 1.1.0 and GML 3 schemas. Your target INSPIRE schema uses GML32, so 
>> you should request for GML32 output IMHO:
>> https://geo.sv.rostock.de/inspire/us-govserv-schools/ows?service=WFS&;
>> version=2.0.0&request=GetFeature&typeNames=us-govserv-schools:Governm
>> entalService&*outputFormat=gml32*&maxFeatures=1
>
>
> Tim,
>
> in my email client, viewing as plain text, this URL contains "*" for 
> bold around "outputFormat=gml32". Be sure to remove these if your 
> email client adds them.  :-)
>
> Kind regards,
>

--
Regards,
Nuno Oliveira
==
GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.
==

Nuno Miguel Carvalho Oliveira
@nmcoliveira
Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax:  +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

---

Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 
2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa 
che ogni circostanza inerente alla presente email (il suo contenuto, gli 
eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i 
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per 
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita.
Le sarei comunque grato se potesse darmene notizia.

This email is intended only for the person or entity to which it is addressed 
and may contain information that is privileged, confidential or otherwise 
protected from disclosure. We remind that - as provided by European Regulation 
2016/679 “GDPR” - copying, dissemination or use of this e-mail or the 
information herein by anyone other than the intended recipient is prohibited. 
If you have received this email by mistake, please notify us immediately by 
telephone or e-mail.


--
Check out the vibrant tech community on one of the world's most engaging tech 
sites, Slashdot.org! http://sdm.link/slashdot 
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Curve support for SQL Server

2018-06-07 Thread Olle Markljung 
Hehe yeah I understand :)

I’ll try to make the estimate myself.

/Olle


tors 7 juni 2018 kl. 17:28 skrev Andrea Aime :

> Hi Olle,
> I have them, but we don't discuss estimates outside of private business
> inquiries, sorry :-)
> That said, estimates are personal, they change depending on experience,
> topic and the like, so
> they would not be much use anyways.
>
> If you decide you want someone else to do it for you, you can contact
> commercial support providers
> to get an estimate:
> http://geoserver.org/support/
>
> Cheers
> Andrea
>
>
> On Thu, Jun 7, 2018 at 4:46 PM, Olle Markljung 
> wrote:
>
>> Hi Andrea and Mark
>>
>> Thank you for the swift response!
>>
>> Andrea, do you have a ballpark number of hours it took to implement the
>> support for curves in Oracle or PostGIS?
>>
>> Mark, did you have an estimation to complete the work you started?
>>
>> If I don’t find the time myself I’ll try to find funding and seek
>> commercial help and then it would be great to have a ballpark number to
>> start with.
>>
>> Regards,
>> Olle Markljung
>>
>> tors 7 juni 2018 kl. 14:58 skrev Mark Prins :
>>
>>> On 07-06-18 13:32, Olle Markljung wrote:
>>> > Hello all
>>> >
>>> > I have users that would be helped if curve support for SQL Server
>>> became
>>> > real.
>>> > I'm not sure if the implementation is needed in GeoServer or GeoTools
>>> > but I reach out here first.
>>> >
>>> > Are there others also seeking this support?
>>>
>>> Ik had a look into this some years ago but our funding evaporated, so it
>>> stranded, see https://osgeo-org.atlassian.net/browse/GEOT-5512
>>>
>>> some unfinished work is in:
>>>
>>> https://github.com/mprins/geotools/commit/e43286e7bae7101af0dad4edbee40f99ca81d4eb
>>>
>>> docs are available at:
>>>
>>> https://msdn.microsoft.com/en-us/library/ee320858%28v=sql.105%29.aspx?f=255&MSPPError=-2147217396
>>>
>>> Mark
>>>
>>>
>>> --
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> ___
>>> Geoserver-users mailing list
>>>
>>> Please make sure you read the following two resources before posting to
>>> this list:
>>> - Earning your support instead of buying it, but Ian Turton:
>>> http://www.ianturton.com/talks/foss4g.html#/
>>> - The GeoServer user list posting guidelines:
>>> http://geoserver.org/comm/userlist-guidelines.html
>>>
>>> If you want to request a feature or an improvement, also see this:
>>> https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
>>>
>>>
>>> Geoserver-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>>>
>>
>>
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> ___
>> Geoserver-users mailing list
>>
>> Please make sure you read the following two resources before posting to
>> this list:
>> - Earning your support instead of buying it, but Ian Turton:
>> http://www.ianturton.com/talks/foss4g.html#/
>> - The GeoServer user list posting guidelines:
>> http://geoserver.org/comm/userlist-guidelines.html
>>
>> If you want to request a feature or an improvement, also see this:
>> https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
>>
>>
>> Geoserver-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>>
>>
>
>
> --
>
> Regards, Andrea Aime == GeoServer Professional Services from the experts!
> Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
> @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
> Massarosa
> 
> (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549
> http://www.geo-solutions.it http://twitter.com/geosolutions_it
> --- *Con riferimento
> alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
> Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
> circostanza inerente alla presente email (il suo contenuto, gli eventuali
> allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
> destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
> errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
> sarei comunque grato se potesse darmene notizia. This email is intended
> only for the person or entity to which it is addressed and may contain
> information that is privileged, confidential or otherwise protected from
> disclosure. We remind that - as

Re: [Geoserver-users] Curve support for SQL Server

2018-06-07 Thread Andrea Aime 
Hi Olle,
I have them, but we don't discuss estimates outside of private business
inquiries, sorry :-)
That said, estimates are personal, they change depending on experience,
topic and the like, so
they would not be much use anyways.

If you decide you want someone else to do it for you, you can contact
commercial support providers
to get an estimate:
http://geoserver.org/support/

Cheers
Andrea


On Thu, Jun 7, 2018 at 4:46 PM, Olle Markljung  wrote:

> Hi Andrea and Mark
>
> Thank you for the swift response!
>
> Andrea, do you have a ballpark number of hours it took to implement the
> support for curves in Oracle or PostGIS?
>
> Mark, did you have an estimation to complete the work you started?
>
> If I don’t find the time myself I’ll try to find funding and seek
> commercial help and then it would be great to have a ballpark number to
> start with.
>
> Regards,
> Olle Markljung
>
> tors 7 juni 2018 kl. 14:58 skrev Mark Prins :
>
>> On 07-06-18 13:32, Olle Markljung wrote:
>> > Hello all
>> >
>> > I have users that would be helped if curve support for SQL Server
>> became
>> > real.
>> > I'm not sure if the implementation is needed in GeoServer or GeoTools
>> > but I reach out here first.
>> >
>> > Are there others also seeking this support?
>>
>> Ik had a look into this some years ago but our funding evaporated, so it
>> stranded, see https://osgeo-org.atlassian.net/browse/GEOT-5512
>>
>> some unfinished work is in:
>> https://github.com/mprins/geotools/commit/e43286e7bae7101af0dad4edbee40f
>> 99ca81d4eb
>>
>> docs are available at:
>> https://msdn.microsoft.com/en-us/library/ee320858%28v=sql.
>> 105%29.aspx?f=255&MSPPError=-2147217396
>>
>> Mark
>>
>> 
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> ___
>> Geoserver-users mailing list
>>
>> Please make sure you read the following two resources before posting to
>> this list:
>> - Earning your support instead of buying it, but Ian Turton:
>> http://www.ianturton.com/talks/foss4g.html#/
>> - The GeoServer user list posting guidelines: http://geoserver.org/comm/
>> userlist-guidelines.html
>>
>> If you want to request a feature or an improvement, also see this:
>> https://github.com/geoserver/geoserver/wiki/Successfully-
>> requesting-and-integrating-new-features-and-improvements-in-GeoServer
>>
>>
>> Geoserver-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Geoserver-users mailing list
>
> Please make sure you read the following two resources before posting to
> this list:
> - Earning your support instead of buying it, but Ian Turton:
> http://www.ianturton.com/talks/foss4g.html#/
> - The GeoServer user list posting guidelines: http://geoserver.org/comm/
> userlist-guidelines.html
>
> If you want to request a feature or an improvement, also see this:
> https://github.com/geoserver/geoserver/wiki/Successfully-
> requesting-and-integrating-new-features-and-improvements-in-GeoServer
>
>
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>


-- 

Regards, Andrea Aime == GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
@geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339
8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it
--- *Con riferimento
alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto, gli eventuali
allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
sarei comunque grato se potesse darmene notizia. This email is intended
only for the person or entity to which it is addressed and may contain
information that is privileged, confidential or otherwise protected from
disclosure. We remind that - as provided by European Regulation 2016/679
“GDPR” - copying, dissemination or use of this e-mail or the information
herein by anyone other than the intended recipient is prohibited. If you
have received this email by mistake, please notify us immediately by
telephone or e-mail.*
--
Check

Re: [Geoserver-users] Curve support for SQL Server

2018-06-07 Thread Olle Markljung 
Hi Andrea and Mark

Thank you for the swift response!

Andrea, do you have a ballpark number of hours it took to implement the
support for curves in Oracle or PostGIS?

Mark, did you have an estimation to complete the work you started?

If I don’t find the time myself I’ll try to find funding and seek
commercial help and then it would be great to have a ballpark number to
start with.

Regards,
Olle Markljung

tors 7 juni 2018 kl. 14:58 skrev Mark Prins :

> On 07-06-18 13:32, Olle Markljung wrote:
> > Hello all
> >
> > I have users that would be helped if curve support for SQL Server became
> > real.
> > I'm not sure if the implementation is needed in GeoServer or GeoTools
> > but I reach out here first.
> >
> > Are there others also seeking this support?
>
> Ik had a look into this some years ago but our funding evaporated, so it
> stranded, see https://osgeo-org.atlassian.net/browse/GEOT-5512
>
> some unfinished work is in:
>
> https://github.com/mprins/geotools/commit/e43286e7bae7101af0dad4edbee40f99ca81d4eb
>
> docs are available at:
>
> https://msdn.microsoft.com/en-us/library/ee320858%28v=sql.105%29.aspx?f=255&MSPPError=-2147217396
>
> Mark
>
>
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Geoserver-users mailing list
>
> Please make sure you read the following two resources before posting to
> this list:
> - Earning your support instead of buying it, but Ian Turton:
> http://www.ianturton.com/talks/foss4g.html#/
> - The GeoServer user list posting guidelines:
> http://geoserver.org/comm/userlist-guidelines.html
>
> If you want to request a feature or an improvement, also see this:
> https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
>
>
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Chris Snider 
I can try to do that this weekend.  I assume master?

Chris Snider
Senior Software Engineer
[cid:image001.png@01D2E6A5.9104F820]

From: andrea.a...@gmail.com [mailto:andrea.a...@gmail.com] On Behalf Of Andrea 
Aime
Sent: Thursday, June 07, 2018 8:25 AM
To: Chris Snider 
Cc: Dave Wichers ; geoserver-users@lists.sourceforge.net
Subject: Re: [Geoserver-users] Known vulnerability in commons-fileupload 
v1.2.1, used by geoserver

Hi Chris,
that's a sensible suggestion. The web site is on gihub, any chance you could do 
a pull request? I'm swamped...

https://github.com/geoserver/geoserver.github.io

Cheers
Andrea


On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider 
mailto:chris.sni...@polarisalpha.com>> wrote:
Andrea,

It took me a second to find the security block.  I completely overlooked the 
blue field.

Maybe add a new header under the “User List”
User List
This list is for end users blah blah blah

Reporting Security Vulnerabilities
If you encounter a security vulnerability blah blah blah

Posting Guidelines
Please read through etc. etc. etc.
Thought I’d say blah again didn’t you

Developer Lists
The rest of the page, and so on



This might draw attention?

Chris Snider
Senior Software Engineer
[cid:image001.png@01D2E6A5.9104F820]

From: Andrea Aime 
[mailto:andrea.a...@geo-solutions.it]
Sent: Thursday, June 07, 2018 12:23 AM
To: Dave Wichers mailto:dave.wich...@ey.com>>
Cc: 
geoserver-users@lists.sourceforge.net
Subject: Re: [Geoserver-users] Known vulnerability in commons-fileupload 
v1.2.1, used by geoserver

The comm page, where I believe you found info on registering for the user list,
has a clear warning not to post security vulnerabilities:

http://geoserver.org/comm/

"If you encounter a security vulnerability in GeoServer please take care to 
report the issue in a responsible fashion. Do not use the mailing list, go 
intead to the Jira bug tracker instead and follow the "Responsible disclosure" 
instructions there."

How do we make it more plain and evident so that grave mistakes do not occur 
anymore in the future?
Maybe we should switch the background color of that box to red...

Regards
Andrea





--

Regards, Andrea Aime == GeoServer Professional Services from the experts! Visit 
http://goo.gl/it488V for more information. == Ing. Andrea Aime @geowolf 
Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054 Massarosa (LU) 
phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 
http://www.geo-solutions.it http://twitter.com/geosolutions_it 
--- Con riferimento alla 
normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento 
generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza 
inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è 
un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo 
scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, 
ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene 
notizia. This email is intended only for the person or entity to which it is 
addressed and may contain information that is privileged, confidential or 
otherwise protected from disclosure. We remind that - as provided by European 
Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or 
the information herein by anyone other than the intended recipient is 
prohibited. If you have received this email by mistake, please notify us 
immediately by telephone or e-mail.
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Known vulnerability in commons-fileupload v1.2.1, used by geoserver

2018-06-07 Thread Andrea Aime 
Hi Chris,
that's a sensible suggestion. The web site is on gihub, any chance you
could do a pull request? I'm swamped...

https://github.com/geoserver/geoserver.github.io

Cheers
Andrea


On Thu, Jun 7, 2018 at 4:18 PM, Chris Snider 
wrote:

> Andrea,
>
>
>
> It took me a second to find the security block.  I completely overlooked
> the blue field.
>
>
>
> Maybe add a new header under the “User List”
>
> User List
>
> This list is for end users blah blah blah
>
>
>
> Reporting Security Vulnerabilities
>
> If you encounter a security vulnerability blah blah blah
>
>
>
> Posting Guidelines
>
> Please read through etc. etc. etc.
>
> Thought I’d say blah again didn’t you
>
>
>
> Developer Lists
>
> The rest of the page, and so on
>
>
>
>
>
>
>
> This might draw attention?
>
>
>
> Chris Snider
>
> Senior Software Engineer
>
> [image: cid:image001.png@01D2E6A5.9104F820]
>
>
>
> *From:* Andrea Aime [mailto:andrea.a...@geo-solutions.it]
> *Sent:* Thursday, June 07, 2018 12:23 AM
> *To:* Dave Wichers 
> *Cc:* geoserver-users@lists.sourceforge.net
> *Subject:* Re: [Geoserver-users] Known vulnerability in
> commons-fileupload v1.2.1, used by geoserver
>
>
>
> The comm page, where I believe you found info on registering for the user
> list,
>
> has a clear warning not to post security vulnerabilities:
>
>
>
> http://geoserver.org/comm/
>
>
>
> "If you encounter a security vulnerability in GeoServer please take care
> to report the issue in a responsible fashion. Do not use the mailing list,
> go intead to the Jira bug tracker instead and follow the "Responsible
> disclosure" instructions there."
>
>
>
> How do we make it more plain and evident so that grave mistakes do not
> occur anymore in the future?
>
> Maybe we should switch the background color of that box to red...
>
>
>
> Regards
>
> Andrea
>
>
>
> 
>



-- 

Regards, Andrea Aime == GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
@geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339
8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it
--- *Con riferimento
alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto, gli eventuali
allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
sarei comunque grato se potesse darmene notizia. This email is intended
only for the person or entity to which it is addressed and may contain
information that is privileged, confidential or otherwise protected from
disclosure. We remind that - as provided by European Regulation 2016/679
“GDPR” - copying, dissemination or use of this e-mail or the information
herein by anyone other than the intended recipient is prohibited. If you
have received this email by mistake, please notify us immediately by
telephone or e-mail.*
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Curve support for SQL Server

2018-06-07 Thread Mark Prins 

On 07-06-18 13:32, Olle Markljung wrote:

Hello all

I have users that would be helped if curve support for SQL Server became 
real.
I'm not sure if the implementation is needed in GeoServer or GeoTools 
but I reach out here first.


Are there others also seeking this support?


Ik had a look into this some years ago but our funding evaporated, so it 
stranded, see https://osgeo-org.atlassian.net/browse/GEOT-5512


some unfinished work is in: 
https://github.com/mprins/geotools/commit/e43286e7bae7101af0dad4edbee40f99ca81d4eb


docs are available at: 
https://msdn.microsoft.com/en-us/library/ee320858%28v=sql.105%29.aspx?f=255&MSPPError=-2147217396


Mark

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Curve support for SQL Server

2018-06-07 Thread Andrea Aime 
Hi Olle,
I did work on the curve support for SQL Server and Oracle, I've built the
in memory geometry representation
and GML encoding support in the first implementation [1], so believe all
you need to do
is to add support for parsing curves at the store level, somewhere around
here:

https://github.com/geotools/geotools/blob/865cc72a90b07841a4c871d1b07fcc8e5defd35b/modules/plugin/jdbc/jdbc-sqlserver/src/main/java/org/geotools/data/sqlserver/SQLServerDialect.java#L619

Curves cannot be encoded in WKB, unless SQLServer has extensions, a sort of
extended WKB
like in PostGIS, so it might be that case that curves could be supported
only if native encoding is used.
For reference, here is PostGIS parser handling curves:
https://github.com/geotools/geotools/blob/865cc72a90b07841a4c871d1b07fcc8e5defd35b/modules/plugin/jdbc/jdbc-postgis/src/main/java/org/geotools/data/postgis/WKBReader.java#L117
and the class doing the same for Oracle:
https://github.com/geotools/geotools/blob/865cc72a90b07841a4c871d1b07fcc8e5defd35b/modules/plugin/jdbc/jdbc-oracle/src/main/java/org/geotools/data/oracle/sdo/SDO.java#L71

Here are the GeoTools contribution guidelines, check them carefully
(signing CLA, code conventions, proper test coverage, and other
things written in there, if you don't respect them the PR will be rejected,
so consider them in your estimates):
https://github.com/geotools/geotools/blob/master/CONTRIBUTING.md

Hope this helps

Cheers
Andrea


[1]: Well, minus eventual bugs and other case specific issues, that is

On Thu, Jun 7, 2018 at 1:32 PM, Olle Markljung  wrote:

> Hello all
>
> I have users that would be helped if curve support for SQL Server became
> real.
> I'm not sure if the implementation is needed in GeoServer or GeoTools but
> I reach out here first.
>
> Are there others also seeking this support?
>
> I might be able to do the implementation myself but otherwise perhaps some
> of the commercial support partners can be contracted.
>
> First I need to get a grip of the magnitude of work that needs to be put
> in.
> I guess that the approach is similar to the support for Oracle Spatial and
> PostGIS but if someone involved in previous work could give some hints of
> how to go about to add the support for SQL Server it would be appreciated.
>
> Regards,
> Olle Markljung
>
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Geoserver-users mailing list
>
> Please make sure you read the following two resources before posting to
> this list:
> - Earning your support instead of buying it, but Ian Turton:
> http://www.ianturton.com/talks/foss4g.html#/
> - The GeoServer user list posting guidelines: http://geoserver.org/comm/
> userlist-guidelines.html
>
> If you want to request a feature or an improvement, also see this:
> https://github.com/geoserver/geoserver/wiki/Successfully-
> requesting-and-integrating-new-features-and-improvements-in-GeoServer
>
>
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>


-- 

Regards, Andrea Aime == GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime
@geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054
Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339
8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it
--- *Con riferimento
alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 -
Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto, gli eventuali
allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i
destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per
errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le
sarei comunque grato se potesse darmene notizia. This email is intended
only for the person or entity to which it is addressed and may contain
information that is privileged, confidential or otherwise protected from
disclosure. We remind that - as provided by European Regulation 2016/679
“GDPR” - copying, dissemination or use of this e-mail or the information
herein by anyone other than the intended recipient is prohibited. If you
have received this email by mistake, please notify us immediately by
telephone or e-mail.*
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your

[Geoserver-users] Curve support for SQL Server

2018-06-07 Thread Olle Markljung 
Hello all

I have users that would be helped if curve support for SQL Server became
real.
I'm not sure if the implementation is needed in GeoServer or GeoTools but I
reach out here first.

Are there others also seeking this support?

I might be able to do the implementation myself but otherwise perhaps some
of the commercial support partners can be contracted.

First I need to get a grip of the magnitude of work that needs to be put in.
I guess that the approach is similar to the support for Oracle Spatial and
PostGIS but if someone involved in previous work could give some hints of
how to go about to add the support for SQL Server it would be appreciated.

Regards,
Olle Markljung
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

[Geoserver-users] Geoserver mbtiles generation issue

2018-06-07 Thread unni mana 
Hello All.

when I tried to generate a mntiles using Geoserver WPS request builder
tool,  I am getting ahe following error

"Feature not available."
This layer is a geotiff based on.  I was told that feature cannot be added
since it is  geotiff

Please correct my understanding. if so. how ca I generte mbtiles ?


Best Regards,
Unnni ma


-- 
--
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Geoserver WFS 2.0 combined with app-schema

2018-06-07 Thread Nuno Oliveira 

Good point Ben, thanks for the heads up !

On 06/07/2018 01:07 AM, Ben Caradoc-Davies wrote:

On 07/06/18 08:37, Nuno Oliveira wrote:
Regarding this request you are asking for GML3 ... which implies WFS 1.1.0 
and GML 3 schemas. Your target INSPIRE schema uses GML32, so you should 
request for GML32 output IMHO:
https://geo.sv.rostock.de/inspire/us-govserv-schools/ows?service=WFS&version=2.0.0&request=GetFeature&typeNames=us-govserv-schools:GovernmentalService&*outputFormat=gml32*&maxFeatures=1 



Tim,

in my email client, viewing as plain text, this URL contains "*" for bold 
around "outputFormat=gml32". Be sure to remove these if your email client adds 
them.  :-)


Kind regards,



--
Regards,
Nuno Oliveira
==
GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.
==

Nuno Miguel Carvalho Oliveira
@nmcoliveira
Software Engineer

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax:  +39 0584 1660272

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

---

Con riferimento alla normativa sul trattamento dei dati
personali (Reg. UE 2016/679 - Regolamento generale sulla
protezione dei dati “GDPR”), si precisa che ogni
circostanza inerente alla presente email (il suo contenuto,
gli eventuali allegati, etc.) è un dato la cui conoscenza
è riservata al/i solo/i destinatario/i indicati dallo
scrivente. Se il messaggio Le è giunto per errore, è
tenuta/o a cancellarlo, ogni altra operazione è illecita.
Le sarei comunque grato se potesse darmene notizia.

This email is intended only for the person or entity to
which it is addressed and may contain information that
is privileged, confidential or otherwise protected from
disclosure. We remind that - as provided by European
Regulation 2016/679 “GDPR” - copying, dissemination or
use of this e-mail or the information herein by anyone
other than the intended recipient is prohibited. If you
have received this email by mistake, please notify
us immediately by telephone or e-mail.


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users