Uploaded image for project: 'GeoServer'
  1. GeoServer
  2. GEOS-8944

GWC fails to cache tiles if GeoFence with source IP driven rules are used for authentication

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Fixed
    • Affects versions: 2.13.2
    • Fix versions: 2.13.3, 2.14.1, 2.15.0
    • Components: GWC
    • Labels:
      None
    • Environment:

      GeoServer 2.13.2 with external GeoFence

      Description

      GWC creates a mock request for the WMS to generate tiles to be cached, but it uses "127.0.0.1" as RemoteHost:
      https://github.com/geoserver/geoserver/blob/master/src/gwc/src/main/java/org/geoserver/gwc/FakeHttpServletRequest.java#L303

      This will make the WMS check for a rule about "127.0.0.1", and not the actual IP of the request, changing the resulting image, or (if 127.0.0.1 is not allowed at all) failing to provide it.

      The remote hostname and ip should be made available to the WMS that needs to render the tile.

        Attachments

          Activity

            People

            • Assignee:
              nmco Nuno Oliveira
              Reporter:
              Gnafu Gnafu
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: