>Could you share the details on how you extended the security configuration
>files
>to put in them the info about the allowed bbox ?
I had to use many dataSource (like xml,bdd and ldap) and our right extended
(layer,bbox(s),service,request,filters etc are linked together in the geoRM) so
I wrote my own system and I think it would not be usefull for you.
I didn't use properties file like in
org.geoserver.security.DefaultDataAccessManager in order to correct the problem
with '.' in coordinate, I used xml (and avoid properties files). I created DTOs
(my own enveloppe) and for serialization/deserialization I used Xstream (which
is in geoserver too):
If you want one Bbox for one role and layer: (with xstream and alias you have
object direcly:)
<right>
<role>test</role>
<bbox>
<x1>-8236345.031824412</x1>
<x2>-8236346.031824412</x2>
<y1>4968280.5516899815</y1>
<y2>4971290.776477601</y2>
<crs> EPSG:900913</crs>
</bbox>
</right
auth = (Authentication) SecurityContextHolder
.getContext().getAuthentication();
protected int vote(org.geoserver.platform.Operation op, Authentication user) {
GetMapRequest getMapRequest = (GetMapRequest) op.getParameters()[0];
MapLayerInfo[] layersInfo = getMapRequest.getLayers();
org.geotools.geometry.jts.ReferencedEnvelope env = new
ReferencedEnvelope(
getMapRequest.getBbox(), getMapRequest.getCrs());
MyBbox
bbox=bboxManagerOrDao(auth.getGrantedAuthorities()[0],layersInfo[0]);
ReferencedEnvelope env2=new
ReferencedEnvelope(bbox.getX1(),bbox.getX1() , bbox.getX1() , bbox.getX1()
,bbox.getCRS());
env2=env2.transform(getMapRequest.getCrs(), true);
boolean isIn=env2.contains((BoundingBox)env));
...
I can't do more
Fabien
________________________________
Ce message et les pi?ces jointes sont confidentiels et r?serv?s ? l'usage
exclusif de ses destinataires. Il peut ?galement ?tre prot?g? par le secret
professionnel. Si vous recevez ce message par erreur, merci d'en avertir
imm?diatement l'exp?diteur et de le d?truire. L'int?grit? du message ne pouvant
?tre assur?e sur Internet, la responsabilit? du groupe Atos Origin ne pourra
?tre recherch?e quant au contenu de ce message. Bien que les meilleurs efforts
soient faits pour maintenir cette transmission exempte de tout virus,
l'exp?diteur ne donne aucune garantie ? cet ?gard et sa responsabilit? ne
saurait ?tre recherch?e pour tout dommage r?sultant d'un virus transmis.
This e-mail and the documents attached are confidential and intended solely for
the addressee; it may also be privileged. If you receive this e-mail in error,
please notify the sender immediately and destroy it. As its integrity cannot be
secured on the Internet, the Atos Origin group liability cannot be triggered
for the message content. Although the sender endeavours to maintain a computer
virus-free network, the sender does not warrant that this transmission is
virus-free and will not be liable for any damages resulting from any virus
transmitted.
------------------------------------------------------------------------------
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image
processing features enabled. http://p.sf.net/sfu/kodak-com
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
