Hi,
I have found the issue. The regression seems to be introduced in
https://github.com/geoserver/geoserver/commit/c1750a1499fc059ecce153322eef8ff119684881
by n-lagomarsini
In DefaultResourceAccessManager method getSecurityFilter, where the
layer security tree is converted to a filter, it will create a negative
workspace filter whenever the root is accessible, even if the workspace
is accessible as well. The method is quite confusing.
I suggest this fix:
https://github.com/NielsCharlier/geoserver/commit/933f3c64c9fff980352eb89fc703f73e71f4398e
That solves the problem and the code looks a bit more understandable.
We need to build a test from scratch because apparently there is no test
for this method present at all (or any usable test case for that
matter). I think that is rather necessary to prevent such regressions.
Will get this done later in the day.
Regards
Niels
On 18-03-15 07:54, Jody Garnett wrote:
While I can see an active discussion on the maven repo proposal, I am
a bit more interested the the delay to tomorrow's release.
The problem has been reproduced - is it severe enough to be a blocker?
Probably since it is security related ( I think it results in less
content being visible than before? )
If this change was intensional as part of the JDBCConfig filter work
we should at least document and provide update instructions.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
