Uploaded image for project: 'GeoServer'
  1. GEOS-7917

Data (workspace) security does not apply to layer groups

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: 2.10.0
    • Fix Version/s: 2.11-beta
    • Component/s: None
    • Labels:
      None
    • Environment:

      Windows / Ubuntu

      Description

      As far as I understand, a rule that looks like

      <workspace>.*.r
      

      that's given a role of ROLE_AUTHENTICATED, means that when you're logged out, you should see nothing from this workspace.

      As of 2.9 and 2.10, this is no longer happening.

      To reproduce:

      1. With a default GeoServer, change the spearfish layer group to be in the sf workspace.
      2. Add a new Data Security rule of sf.*.r and give it a role of ROLE_AUTHENTICATED.
      3. Log out.
      4. Go to Layer Preview.
      5. You will see no other layers from the sf workspace, but you will still see sf:spearfish.

        Attachments

          Activity

            People

            • Assignee:
              aaime Andrea Aime
              Reporter:
              bmmpxf Mike Pumphrey
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: